我正在使用SCRIBE库在我的应用程序中启用 Facebook 连接登录。我的问题是,每次我点击登录按钮登录并获取 access_token 后,我都在未经授权的情况下登录,因为我已登录 Facebook 并且 access_token 仍然处于活动状态。有没有办法强制 Facebook 退出或每次都向我询问新的 access_token,使用 cookie 或使用 connect.facebook.net/en_US/all.js 或只是在某个时候重定向它是个好主意到https://www.facebook.com/logout.php?access_token=appId&confirm=1&next=http://localhost:8080/。我知道关于这个话题有很多问题,但所有这些问题和建议的解决方案都让我感到困惑。这是处理 Facebook 响应的托管 bean 中的 my post 构造方法。
@PostConstruct public void init() { FacesContext context = FacesContext.getCurrentInstance(); HttpServletRequest req = (HttpServletRequest) 上下文 .getExternalContext().getRequest();
responseCode = req.getParameter("code");
System.out.println("The code is: "+responseCode);
//facebook data
final String PROTECTED_RESOURCE_URL = "https://graph.facebook.com/me";
final Token EMPTY_TOKEN = null;
String apiKey = "MY_API_KEY";
String apiSecret = "MY_API_SECRET";
String callbackUrl="the-redirect_page_in_my_application";
OAuthService service = new ServiceBuilder().provider(FacebookApi.class)
.apiKey(apiKey).apiSecret(apiSecret)
//.scope(SCOPE)
.callback(callbackUrl).build();
//get authorization Url
String authorizationUrl = service.getAuthorizationUrl(EMPTY_TOKEN);
Verifier v=new Verifier(responseCode);
Token accessToken = service.getAccessToken(EMPTY_TOKEN, v);
// Now let's go and ask for a protected resource!
OAuthRequest request = new OAuthRequest(Verb.GET,
PROTECTED_RESOURCE_URL);
service.signRequest(accessToken, request);
Response response = request.send();
Gson gson = new GsonBuilder().create();
FacebookUser faceUser = gson.fromJson(response.getBody(), FacebookUser.class);
setUserName(faceUser.getName());
setUserFacebook(faceUser.getUsername());
setGender(faceUser.getGender());
FacesContext.getCurrentInstance().responseComplete();
}