Search code examples
objective-ciosfacebookfacebook-chatx-facebook-platform

Any way to pull out session key from access token returned by Facebook iOS SDK?


I need Facebook session key to be used in this senario: http://developers.facebook.com/docs/chat/#platauth

However, the current Facebook iOS SDK returned us a access token which is not enough for this case. I digged around a lot , found this question here:

http://www.quora.com/Do-the-OAuth2-access-tokens-in-the-new-Facebook-Graph-API-expire

But the format it described doesn't have a similarity to the access token we got.

I am a little confused on these things.

By the way, I checked out an old version iPhone targeted old Facebook SDK to test, since this older SDK provides session key directly , but this SDK now always display a error page from Facebook after a successful login. Seems this SDK is fully deprecated?

To make this question clear, this is the access token(embedded in the URL) I got from Facebook iOS SDK:

fb193174047373858://authorize/#access_token=IwDbeiWINrotP3JOd1EGoEY7OmOBd2DyV8lh73mutCM.eyJpdiI6IkdKd3BvWlItcWlWRzIwTGYtUkRUVWcifQ.J6qNtSibMmm0yFe2QNHG46jnIUXef3dV-NnbYqXkfrFABjPrgMPQRUeKHJ3GxX1T3nlU7-4P8FUT6dlfwSwHfNJrheTUZIXdd3AlsSRUiUer5xEdFA9IsGEMn6GyHheH9DSr76IeZcBjl-_s4ub3kg&expires_in=0

Solution

  • I still dont have the formula to convert FBAppAuth-ed or SafariAuth-ed access_token fragments to session_id. However, the following description will help in getting an access_token in described formula which can then be easily fragmented to derive session_id. Hope this helps.

    In iOS SDK Version 2, login is handled by following API in Facebook class:

    - (void)authorize:(NSArray *)permissions delegate:(id<FBSessionDelegate>)delegate;
    


    In the implementation of same API, if we turn off the FBAppAuth and SafariAuth, then it will invoke login dialog box and the returned access_token will be of format APP_ID | SESSION_KEY | DIGEST

    - (void)authorize:(NSArray *)permissions delegate:(id<FBSessionDelegate>)delegate 
    {
      [_permissions release];
      _permissions = [permissions retain];
      _sessionDelegate = delegate;
        //[self authorizeWithFBAppAuth:YES safariAuth:YES];
      [self authorizeWithFBAppAuth:NO safariAuth:NO]; // Turned off FBApp and Safari auth
    }
    


    The returned access_token can be captured in following call back method in Facebook class (please put a NSLog to print the token) :

    - (void)fbDialogLogin:(NSString *)token expirationDate:(NSDate *)expirationDate