Monday, February 13, 2012

Changes to Authorization affecting User ID retrieval

Recently Facebook made a change to their authorization structure that no longer returns the ID of the authenticating user in their initial response.  As a result you will not be able to use the user’s ID until you have made a request with the returned token for the users info.

Here is a short example of how this works.

SI.AuthenticateUser("http://localhost:55990/default.aspx", New SessionInfo.PermissionsEnum() {SessionInfo.PermissionsEnum.user_about_me, SessionInfo.PermissionsEnum.email, SessionInfo.PermissionsEnum.read_stream})
Dim UR = SI.ReadFacebooAuthResponse
If UR.Authenticated Then
     Response.Write("Success" & "<br>")
     Response.Write(UR.UserID & "<br>") 'no id present
     Dim RQ = New  Functions.Requests(SI)
     Dim U = RQ.GetUserInfo 'Request the userinfo object
     Response.Write(U.id & "<br>") 'id is now present
     Response.Write(U.username & "<br>")
Else
     Response.Write("Fail" & "<br>")
     Response.Write(UR.Access_Token & "<br>") ‘no token found
     Response.Write(UR.Error & "<br>")
     Response.Write(UR.Error_Description & "<br>")
     Response.Write(UR.Error_Reason & "<br>")
End If

We will follow up with facebook to find out why this change was made and keep you posted if and when they decide to revert back to including the ID in the original auth request.