如何在iOS App中完全注销Facebook SDK Auth
[英]How to completely Logout of Facebook SDK Auth in iOS App
问题描述
using FBSDKCoreKit 4.22.1 
使用FBSDKCoreKit 4.22.1
I have an app installed publicly, servicing multiple users during the day. 我公开安装了一个应用程序,在白天为多个用户提供服务。 A person can walk up to the iPad and login with their Facebook account: 一个人可以走到iPad并使用他们的Facebook帐户登录:
After successful login, than can do their work and use the app and than they will logout some time later: 成功登录后,可以做他们的工作并使用应用程序,而不是他们将在一段时间后注销:
The Logout happens successfully. Logout发生成功。 Then the next user comes up to use the public iPad and clicks the Facebook Login button, yet they will see: 然后下一个用户开始使用公共iPad并点击Facebook登录按钮,但他们会看到:
The FBSDKLoginManager or other Facebook SDK Libs has remembered some elements of the previous user's Facebook login. FBSDKLoginManager或其他Facebook SDK Libs记得以前用户Facebook登录的一些元素。
I want to completely clear out any information about the previous user's Facebook credentials 我想彻底清除有关以前用户的Facebook凭据的任何信息
After successful Logout, this FBSDKLoginButtonDelegate method is called and I have tried the following to completely remove the Facebook account info with no success: 成功注销后,调用此FBSDKLoginButtonDelegate方法,我已尝试以下方法完全删除Facebook帐户信息但没有成功:
func loginButtonDidLogOut(_ loginButton: FBSDKLoginButton!) {
print("\(#function) in \(#file.components(separatedBy: "/").last ?? "")")
print("Todo, must completely remove Facebook Auth token info for current user logging out")
FBSDKAccessToken.setCurrent(nil)
FBSDKLoginManager().logOut()
FBSDKProfile.setCurrent(nil)
}
So with FBSDKCoreKit 4.22.1 Safari browser is used to open the Facebook authentication redirect URL and that Javascript uses local storage: 因此,使用FBSDKCoreKit 4.22.1,Safari浏览器用于打开Facebook身份验证重定向URL,并且Javascript使用本地存储:
Interestingly, Blocking all Cookies, which Apple implies will also block Website Data (localStorage), does NOT block local storage and Facebook and still create Web Site data stores: 有趣的是,阻止所有Cookie,Apple暗示也将阻止网站数据(localStorage),不阻止本地存储和Facebook,仍然创建网站数据存储:
"Change which cookies and website data are accepted: Select a “Cookies and website data” option:" “更改接受哪些Cookie和网站数据:选择”Cookie和网站数据“选项:”
- "Always block: Safari doesn't let any websites, third parties, or advertisers store cookies and other data on your Mac. This may prevent some websites from working properly." “永远阻止:Safari不允许任何网站,第三方或广告商在您的Mac上存储Cookie和其他数据。这可能会阻止某些网站正常运行。”
And that is where I expect Local Storage to be blocked as well as cookies but Facebook can still create local storage entries 这就是我希望阻止本地存储以及cookie的地方,但Facebook仍然可以创建本地存储条目
3 个解决方案
解决方案1
3 2017-05-21 02:00:49
I had a similar issue and I ended up using a MODIFIED version of the SDK which is actually quite dangerous because another developer may not know that it was modified.. So you'd need to leave a note.. 我有一个类似的问题,我最终使用SDK的MODIFIED版本实际上非常危险,因为另一个开发人员可能不知道它被修改..所以你需要留下一个注释..
Issue: After you log out, you are still logged in (in Safari).. but only if you use Native login or System login, and there's no way to log out of Safari from within the app itself.. Super annoying (You cannot clear Safari's cookies or data from within the app either). 问题:你注销后,你仍然登录(在Safari中)..但是只有你使用本机登录或系统登录,并且没有办法从应用程序本身注销Safari ..超级烦人(你不能从应用程序中清除Safari的cookie或数据。
Solution(s): 解决方案(S):
If you look through the documentation for the SDK, it shows: 如果您查看SDK的文档,它会显示:
// Copyright (c) 2014-present, Facebook, Inc. All rights reserved.
//
// You are hereby granted a non-exclusive, worldwide, royalty-free license to use,
// copy, modify, and distribute this software in source code or binary form for use
// in connection with the web services and APIs provided by Facebook.
//
// As with any software that integrates with the Facebook platform, your use of
// this software is subject to the Facebook Developer Principles and Policies
// [http://developers.facebook.com/policy/]. This copyright notice shall be
// included in all copies or substantial portions of the software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
// CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
typedef NS_ENUM(NSUInteger, FBSDKLoginBehavior)
{
/*!
@abstract This is the default behavior, and indicates logging in through the native
Facebook app may be used. The SDK may still use Safari instead.
*/
FBSDKLoginBehaviorNative = 0,
/*!
@abstract Attempts log in through the Safari or SFSafariViewController, if available.
*/
FBSDKLoginBehaviorBrowser,
/*!
@abstract Attempts log in through the Facebook account currently signed in through
the device Settings.
@note If the account is not available to the app (either not configured by user or
as determined by the SDK) this behavior falls back to \c FBSDKLoginBehaviorNative.
*/
FBSDKLoginBehaviorSystemAccount,
/*!
@abstract Attemps log in through a modal \c UIWebView pop up
@note This behavior is only available to certain types of apps. Please check the Facebook
Platform Policy to verify your app meets the restrictions.
*/
FBSDKLoginBehaviorWeb,
};
So if you use Native but it can't, it will fallback to Safari. 因此,如果您使用Native但它不能,它将回退到Safari。 If you use System but it can't, it falls back to Native which falls back to Safari.. 如果您使用System但它不能,它会回退到Native,它会回退到Safari。
Then there's FBSDKLoginBehaviorWeb which uses a modal web-view/popup! 然后是FBSDKLoginBehaviorWeb,它使用模态网页视图/弹出窗口! So if you don't absolutely have to use Native or System Login, then I suggest you choose this option as it does NOT fall-back to Safari. 因此,如果您不必使用本机或系统登录,那么我建议您选择此选项,因为它不会回退到Safari。
Otherwise: This is what I changed so that it NEVER uses Safari in the background: 否则:这是我改变的,所以它永远不会在后台使用Safari:
FBLoginSDKManager.m: FBLoginSDKManager.m:
- (void)logInWithBehavior:(FBSDKLoginBehavior)loginBehavior
{
NSDictionary *loginParams = [self logInParametersWithPermissions:_requestedPermissions];
void(^completion)(BOOL, NSString *, NSError *) = ^void(BOOL didPerformLogIn, NSString *authMethod, NSError *error) {
if (didPerformLogIn) {
[_logger startAuthMethod:authMethod];
_performingLogIn = YES;
} else {
if (!error) {
error = [NSError errorWithDomain:FBSDKLoginErrorDomain code:FBSDKLoginUnknownErrorCode userInfo:nil];
}
[self invokeHandler:nil error:error];
}
};
switch (loginBehavior) {
case FBSDKLoginBehaviorNative: {
if ([FBSDKInternalUtility isFacebookAppInstalled]) {
[FBSDKServerConfigurationManager loadServerConfigurationWithCompletionBlock:^(FBSDKServerConfiguration *serverConfiguration, NSError *loadError) {
BOOL useNativeDialog = [serverConfiguration useNativeDialogForDialogName:FBSDKDialogConfigurationNameLogin];
if (useNativeDialog && loadError == nil) {
[self performNativeLogInWithParameters:loginParams handler:^(BOOL openedURL, NSError *openedURLError) {
if (openedURLError) {
[FBSDKLogger singleShotLogEntry:FBSDKLoggingBehaviorDeveloperErrors
formatString:@"FBSDKLoginBehaviorNative failed : %@\nTrying FBSDKLoginBehaviorBrowser", openedURLError];
}
if (openedURL) {
completion(YES, FBSDKLoginManagerLoggerAuthMethod_Native, openedURLError);
} else {
[self logInWithBehavior:FBSDKLoginBehaviorWeb]; //-- CHANGED BY BRANDON T.
}
}];
} else {
[self logInWithBehavior:FBSDKLoginBehaviorWeb]; //-- CHANGED BY BRANDON T.
}
}];
break;
}
// intentional fall through. -- CHANGED BY BRANDON T.
[self logInWithBehavior:FBSDKLoginBehaviorWeb]; //-- CHANGED BY BRANDON T.
break;
}
case FBSDKLoginBehaviorBrowser: {
[self performBrowserLogInWithParameters:loginParams handler:^(BOOL openedURL,
NSString *authMethod,
NSError *openedURLError) {
if (openedURL) {
completion(YES, authMethod, openedURLError);
} else {
completion(NO, authMethod, openedURLError);
}
}];
break;
}
case FBSDKLoginBehaviorSystemAccount: {
[FBSDKServerConfigurationManager loadServerConfigurationWithCompletionBlock:^(FBSDKServerConfiguration *serverConfiguration, NSError *loadError) {
if (serverConfiguration.isSystemAuthenticationEnabled && loadError == nil) {
[self beginSystemLogIn];
} else {
[self logInWithBehavior:FBSDKLoginBehaviorNative];
}
}];
completion(YES, FBSDKLoginManagerLoggerAuthMethod_System, nil);
break;
}
case FBSDKLoginBehaviorWeb:
[self performWebLogInWithParameters:loginParams handler:^(BOOL openedURL, NSError *openedURLError) {
completion(openedURL, FBSDKLoginManagerLoggerAuthMethod_Webview, openedURLError);
}];
break;
}
}
This makes it so that all native login or system login will fall-back to the modal-in-app UIWebView . 这使得所有本机登录或系统登录都将回退到模态应用程序UIWebView 。 Then you can clear the cookies when the log out and you'll be fine.. Delete All NSHTTPCookieStorage.sharedHTTPCookieStorage().cookies and NSURLCache.sharedURLCache().removeAllCachedResponses() after logging out. 然后你可以在注销时清除cookie,你就可以了。删除所有NSHTTPCookieStorage.sharedHTTPCookieStorage().cookies和NSURLCache.sharedURLCache().removeAllCachedResponses()退出后。
The obviously safest option is to never use the System or Native Login and instead always use: FBSDKLoginBehaviorWeb .. 显然最安全的选择是永远不要使用系统或本地登录,而是始终使用: FBSDKLoginBehaviorWeb ..
解决方案2
1 已采纳 2017-05-21 21:08:09
我可以通过将FBSDKLoginBehavior更改为FBSDKLoginBehavior来解决我的问题,请参阅此处: https : FBSDKLoginBehavior
解决方案3
0 2018-06-26 09:46:55
在这里,我将描述用户如何使用Facebook本机应用程序从您的应用程序注销: https : //stackoverflow.com/a/51039251/5093900
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.