Updating Facebook from Android

Question

I have the below script running and it works perfectly. What I am wondering is. Why does facebook give me a secret key if I dont have to implement it as I have not below.

    Facebook facebook = new Facebook("APP_ID"); // Application ID of your app at facebook
    boolean isLoggedIn = false;

    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);


        //Implementing SSO
        facebook.authorize(this, new String[]{"publish_stream"}, new DialogListener(){

            @Override
            public void onComplete(Bundle values) {
                //control comes here if the login was successful
//              Facebook.TOKEN is the key by which the value of access token is stored in the Bundle called 'values'
                Log.d("COMPLETE","AUTH COMPLETE. VALUES: "+values.size());
                Log.d("AUTH TOKEN","== "+values.getString(Facebook.TOKEN));
                updateStatus(values.getString(Facebook.TOKEN));
            }

            @Override
            public void onFacebookError(FacebookError e) {
                Log.d("FACEBOOK ERROR","FB ERROR. MSG: "+e.getMessage()+", CAUSE: "+e.getCause());
            }

            @Override
            public void onError(DialogError e) {
                Log.e("ERROR","AUTH ERROR. MSG: "+e.getMessage()+", CAUSE: "+e.getCause());
            }

            @Override
            public void onCancel() {
                Log.d("CANCELLED","AUTH CANCELLED");
            }
        });
    }

    //updating Status
    public void updateStatus(String accessToken){
        try {
            Bundle bundle = new Bundle();
            bundle.putString("message", "test update"); //'message' tells facebook that you're updating your status
            bundle.putString(Facebook.TOKEN,accessToken);
            //tells facebook that you're performing this action on the authenticated users wall, thus 
//          it becomes an update. POST tells that the method being used is POST
            String response = facebook.request("me/feed",bundle,"POST");
            Log.d("UPDATE RESPONSE",""+response);
        } catch (MalformedURLException e) {
            Log.e("MALFORMED URL",""+e.getMessage());
        } catch (IOException e) {
            Log.e("IOEX",""+e.getMessage());
        }
    }

    @Override
    public void onActivityResult(int requestCode, int resultCode, Intent data) {
        super.onActivityResult(requestCode, resultCode, data);

        Log.d("onActivityResult","onActivityResult");
        facebook.authorizeCallback(requestCode, resultCode, data);
    }

Answer 1

The most likely reason is that you had already logged on for this app, or had previously logged on with the Facebook app, as a result of which Facebook had allocated you an access token - which is then valid until the app explicitly signs off, or the user disables app access (in the Facebook server-side user profile).

So when you do the authorize, the underlying Facebook SDK simply retrieves the access token, and you do not need to login.

You can disable the access token by going to Facebook for your user and doing Account settings (drop down at top right), then Apps (at left) and disabling your app's access. At which point, when you next run your app, the user will have to log in to Facebook and authorize your app.