CODEWITHSUNDEEP
phpfacebook
sensorario
sensorario

Reputation: 21600

Re-asking for Declined Facebook Permissions (auth_type=rerequest) does not work

we are developing a Facebook application with PHP SDK 3.2.3 and Javascript SDK. I need to re-ask users permission to publish on their wall if they denied access to publish on Facebook at login.

As documentation says:

[...] Your app must re-ask for declined permissions with special handling. [...]

[...] Web apps must explicitly pass a new option to the Login Dialog: auth_type: rerequest. Details on how the new option works on the web is covered in our documentation on using the JavaScript SDK on the Web.

but we tried with this request:

https://www.facebook.com/dialog/oauth?auth_type=rerequest&client_id=1...7&redirect_uri=MY_PAGE&state=a1f4412db0617ef1a620ac1d1ebc2af8&sdk=php-sdk-3.2.3&campaign_page_with_active_panel=MY_PAGE

but users are redirected directly on MY_PAGE url and permissions are not re-requested.

This (wrong) behavior may be due to the fact that application is a test application?

Upvotes: 7

Views: 6285

Answers (3)

patrikw
patrikw

Reputation: 25

Assuming that user declined email permission, with FacebookSDK and laravel where $fb is instance of FacebookSDK, you can:

return redirect()->to($fb->getReRequestUrl(['email']));

without FacebookSDK:

return redirect('https://www.facebook.com/v2.10/dialog/oauth?' . build_query([
                    'client_id'     => config('services.facebook.client_id'),
                    'redirect_uri'  => 'http://localhost:8000/social_auth/facebook/callback',
                    'state'         => $state,
                    'auth_type'     => 'rerequest',
                    'scope'         => 'email'
                ]));

Upvotes: 0

Logician
Logician

Reputation: 1

In php SDK (3.x) auth_type rerequest can be send to Facebook via getLoginUrl parameter:

$loginUrl = $facebook->getLoginUrl(array(
    'scope' => 'public_profile, user_friends, email',
    'redirect_url' => 'http://www.yourul.com/example.php',
    'auth_type' => 'rerequest',
));

Upvotes: -1

chifliiiii
chifliiiii

Reputation: 2339

On the js sdk I directly call the login method like this:

FB.login( function( response ) {
      if (response.status == 'connected') {

      }
},{
      scope: 'email,public_profile',
      return_scopes: true,
      auth_type: 'rerequest'
 });

On the server side I use the accesstoken to request for user details on Facebook. If the email is not provided I return an error telling the user that he needs to log in again and provide email. When they click the login button again because of the auth_type: 'rerequest' part they will be requested again for permissions.

Upvotes: 7

Related Questions