Friday, June 8, 2012

How to avoid already-authorized in Android Facebook SDK

I'm getting a completely useless page when I use the Single Sign on for Facebook's Android SDK.

"You have already authorized happyapp. Press "Okay" to continue.

This page would destroy user experience. How the heck do I get rid of it. Lots of people have been seeing this, but no solution is posted.

Even Facebook admits this is a problem, see:

Does anyone know any work-around?

Source: Tips4all


  1. The way I did it (without additional OAuth solution) was to store off the access token in preferences as Kieveli suggested. When the main activity starts, look up the token from preferences, if it's not there initiate the authorization process and store the resulting token in preferences.

    The harder part is to handle token expiration or de-authorization of your app (ie. the token is in preferences, but is no longer valid).

    For that case, with every FB API/graph invocation, check for an exception indicating authentication failed. If it fails, initiate the authorization/token storing procedure again.

  2. using the suggestion here, this is the code that worked for me, hope it helps someone

    before login do this

    SharedPreferences prefs= PreferenceManager.getDefaultSharedPreferences(FacebookLogin.this);
    String access_token = prefs.getString("access_token", null);
    Long expires = prefs.getLong("access_expires", -1);

    if (access_token != null && expires != -1)

    if (!facebook.isSessionValid())
    facebook.authorize(FacebookLogin.this, new DialogListener() {

    after you successfully logged in do this

    String token = facebook.getAccessToken();
    long token_expires = facebook.getAccessExpires();

    SharedPreferences prefs= PreferenceManager.getDefaultSharedPreferences(FacebookLogin.this);

    prefs.edit().putLong("access_expires", token_expires).commit();

    prefs.edit().putString("access_token", token).commit();

  3. Bypass the SDK and use your own OAuth solution. Save the Access Token once acquired. Try to use it directly without sending the user to the facebook permission page. Once the token expires, you will need them to grant permission again. With advanced features comes lower level responsibilities (and more work).