Facebook Oauth Logout

Question

I have an application that integrates with Facebook using Oauth 2    I can authorize with FB and query their REST and Graph APIs perfectly well  but when I authorize an active browser session is created with FB  I can then log-out of my application just fine  but the session with FB persists  so if anyone else uses the browser they will see the previous users FB account  unless the previous user manually logs out of FB also    The steps I take to authorize are    Call  LINK  graph facebook com oauth authorize client id       This step opens a Facebook login connect window if the user s browser doesn t already have an active FB session  Once they log-in to facebook they redirect to my site with a code I can exchange for an oauth token    Call  LINK  graph facebook com oauth access token client id    with the code from  1    Now I have an Oauth Token  and the user s browser is logged into my site  and into FB    I call a bunch of APIs to do stuff  i e   LINK  graph facebook com me access token       Lets say my user wants to log out of my site  The FB terms and conditions demand that I perform Single Sign Off  so when the user logs out of my site  they also are logged out of Facebook  There are arguments that this is a bit daft  but I m happy to comply if there is any way of actually achieving that   I have seen suggestions that   A  I use the Javascript API to logout  FB Connect logout    Well I tried using that  but it didn t work  and I m not sure exactly how it could  as I don t use the Javascript API in any way on my site  The session isn t maintained or created by the Javascript API so I m not sure how it s supposed to expire it either   B  Use  LINK  facebook com logout php   This was suggested by an admin in the Facebook forums some time ago  The example given related to the old way of getting FB sessions  non-oauth  so I don t think I can apply it in my case   C  Use the old REST api expireSession or revokeAuthorization  I tried both of these and while they do expire the Oauth token they don t invalidate the session that the browser is currently using so it has no effect  the user is not logged out of Facebook   I m really at a bit of a loose end  the Facebook documentation is patchy  ambiguous and pretty poor  The support on the forums is non-existant  at the moment I can t even log in to the facebook forum  and aside from that  their own FB Connect integration doesn t even work on the forum itself  Doesn t inspire much confidence   Ta for any help you can offer   Derek  ps  Had to change HTTPS to LINK  not enough karma to post links which is probably fair enough

User · Answer

Here s an alternative to the accepted answer that works in the current  2 12  version of the API    lt a href     onclick  logoutFromFacebookAndRedirect   logout    gt Logout lt  a gt    lt script gt      FB init           appId    your-app-id            cookie  true          xfbml  true          version   v2 12               function logoutFromFacebookAndRedirect redirectUrl            FB getLoginStatus function  response                if  response status     connected                   FB logout function  response                        window location href   redirectUrl                                  else                 window location href   redirectUrl                     lt  script gt

User · Answer

This works as of now - and is documented on facebook s site   http   developers facebook com docs authentication    Not sure how recently it was added to the documentation  pretty sure it wasn t there when I checked Feb-2012     You can programmatically log the user our of Facebook by redirecting   the user to      https   www facebook com logout php next YOUR REDIRECT URL amp access token USER ACCESS TOKEN

User · Answer

I can programmatically log user out Facebook by redirecting user to   https   www facebook com logout php next YOUR REDIRECT URL amp access token USER ACCESS TOKEN    The URL supplied in the next parameter must be a URL with the same base domain as your application as defined in your app s settings   More details  https   developers facebook com docs authentication

User · Answer

Christoph  just adding someting   i dont think so this is a correct way to logout at both places at the same time   lt a href   logout  onclick  FB logout     gt Logout lt  a gt     Just add id to the anchor tag    lt a id  fbLogOut  href   logout  onclick  FB logout     gt Logout lt  a gt       document  ready function         fbLogOut   click function e         e preventDefault          FB logout function response                   user is now logged out             var url     this  attr  href                window location  url

User · Answer

I am having the same problem  I also login using oauth  I am using RubyOnRails   but for logout  I do it with JavaScript using a link like this     lt a href   logout  onclick  FB logout     gt Logout lt  a gt     This first calls the onclick function and performs a logout on facebook  and then the normal  logout function of my site is called    Though I would prefer a serverside solution as well  but at least it does what I want  it logs me out on both sites    I am also quite new to the Facebook integration stuff and played around the first time with it  but my general feeling is that the documentation is pretty spread all over the place with lots of outdated stuff

User · Answer

A note for Christoph s answer  Facebook Oauth Logout The logout function requires a callback function to be specified and will fail without it  at least on Firefox  Chrome works without the callback   FB logout function response

User · Answer

This solution no longer works with FaceBook s current API  seems it was unintended to begin with   http   m facebook com logout php confirm 1 amp next http   yoursitename com    Try to give this link on you signout link or button where  yoursitename com  is where u want to redirect back after signout may be ur home page   It works

User · Answer

You can do this with the access token      access array   split        access token     session key    access array 1     You can use that  session key in the PHP SDK to generate a functional logout URL    logoutUrl    facebook- gt getLogoutUrl array  next    gt   logoutUrl   session key    gt   session key      This ends the browser s facebook session

User · Answer

For Python developers that want to log user out straight from the backend  At the moment I m writing this  the trick with m facebook com no longer works  at least for me  and user is redirected to the mobile FB login page which obviously is not good for UX   Fortunately  FB PHP SDK has a semi-documented solution  in case the link doesn t lead to getLogoutUrl   function  just search look for it on that page   This is also mentioned in at least one other on StackOverflow  Facebook php SDK getLogoutUrl   problem    BTW I ve just noticed that Zach Greenberg got it right in this question  but I m adding my answer as a summary for Python developers

User · Answer

the mobile solution suggested by Sumit works perfectly for AS3 Air   html location    http   m facebook com logout php confirm 1 amp next http   yoursitename com

User · Answer

With PHP I m doing    lt a href   action logout  gt logout  lt  a gt   if isset   GET  action     amp  amp    GET  action        logout         facebook- gt destroySession        header WHERE YOU WANT TO REDIRECT TO       exit        Works and is nice and easy am just trying to find a logout button graphic now

User · Answer

Update  This solution works and just a call to  FB logout    doesn t work because browser wants a user interaction to actually call this function  so that it knows - it is a user not a script    lt a href     onclick  FB logout     gt Logout lt  a gt

User · Answer

it s simple just type    facebook- setSession null   for logout

[facebook] Facebook Oauth Logout

Examples related to facebook

Examples related to oauth

Examples related to logout