Open brainbicycle opened 2 weeks ago
Hello,
In response to the upcoming changes to ATT enforcement, we made changes to the iOS SDK and the SDK no longer provides valid user access tokens in scenarios where the user opts out of ATT. The access token validation or Graph API requests may throw errors like OAuthException - “Invalid OAuth access token - Cannot parse access token”. Our recommendation is that users integrate Limited Login following the official documentation: https://developers.facebook.com/docs/facebook-login/limited-login/ios https://developers.facebook.com/docs/facebook-login/limited-login/unity/
See more details here.
Hello,
In response to the upcoming changes to ATT enforcement, we made changes to the iOS SDK and the SDK no longer provides valid user access tokens in scenarios where the user opts out of ATT. The access token validation or Graph API requests may throw errors like OAuthException - “Invalid OAuth access token - Cannot parse access token”. Our recommendation is that users integrate Limited Login following the official documentation: https://developers.facebook.com/docs/facebook-login/limited-login/ios https://developers.facebook.com/docs/facebook-login/limited-login/unity/
See more details here.
I understand that but it isn't the issue at hand, the authentication token returned from the SDK does not refresh unless you explicitly pass the .limited param which feels like a bug.
Hey @zhong-meta, that is not a valid response to the issue raised.
Checklist before submitting a bug report
Xcode version
15.1
Facebook iOS SDK version
17.0.0
Dependency Manager
CocoaPods
SDK Framework
Login
Goals
To consistently get a valid jwt token when invoking the login method in the Facebook sdk
Expected results
Anytime I invoke the Login methods on the sdk a new authentication token should be returned that can be verified and converted into a user session.
Actual results
Repeatedly receive the same authentication token even after expiry on subsequent Login invocations.
Steps to reproduce
You can reproduce this bug in the sample login app in this repo with some small changes:
Code samples & details
This can be worked around by explicitly passing the trackingPreference but is quite confusing with the latest SDK version automatically opting into limited login without passing explicitly in the config. It is a risk if anything goes wrong with converting the initial login to a session users can end up locked out from Facebook login.