Session key invalid or no longer valid

May 13, 2010 at 11:14 AM

Hi!!

I'm using 3.1 beta version of API.

When i logout and after login in facebook , my application raise this exception:

" Session key invalid or no longer valid"

If i reload my home page all work fine.

this is my code, that is in a MasterPage

 

       protected void Page_Init(object s, EventArgs e)
        {
            connectSession = new Facebook.Session.ConnectSession(ConfigurationManager.AppSettings["ApiKey"], ConfigurationManager.AppSettings["Secret"]);
            //string p = connectSession.CheckPermissions();

           
                         
            if (!connectSession.IsConnected() || string.IsNullOrEmpty(connectSession.SessionKey) )
            {
              
               

                LabelUserName.Text = Traduci("EffettuaLog") + "&nbsp;&nbsp;&nbsp;<fb:login-button></fb:login-button>" ;
                LabelUserName.Visible = true;
                ContentPlaceHolder1.Visible = false;
            }
            else
            {
                try
                {
                    if (!IsPostBack)
                    {
                        connectSession.Login();
                      
                        Api = new Facebook.Rest.Api(connectSession);
                        Facebook.Schema.user u = Api.Users.GetInfo();

                       
                       
                        Session[Kill.FACEBOOK_API] = Api;

                        LabelUserName.Text = string.Format(Traduci("Benvenuto"), u.name);

                        ContentPlaceHolder1.Visible = true;
                        numeroMorti = string.Format(Resources.Lingua.NumeroMorti, Kill.numberOfDeath(u.uid.ToString()));
                        LinkNumeroMorti.NavigateUrl = "~/facebook/Read.aspx?id_from=" + u.uid.ToString();
                        
                    }
                   
                }
                catch (Exception ex)
                {

                    LabelUserName.Text = Traduci("EffettuaLog");
                
                   
                   
                    ContentPlaceHolder1.Visible = false;
                    Kill.Logger.Error(ex);
                }
            }
        }

 

May 15, 2010 at 9:59 AM

if you are using Facebook Connect website after you catch exception call method bellow and call Response.Redirect on you page.

I am still having this problem with Facebook iFrame applications. Does anybody know how to solve this.



        public static void ClearCookies()
        {

            private static string[] shortNames = new[] { "user", "session_key", "expires", "ss" };

            HttpContext currentContext = HttpContext.Current;
            if (currentContext == null) return;
            string appKey = ConfigurationManager.AppSettings["APIKey"];
            if (appKey == null)
            {
                throw new Exception("APIKey is not defined in web.config");
            }

            foreach (var name in shortNames)
            {
                string fullName = appKey + "_" + name;
                if (currentContext.Response.Cookies[fullName] != null)
                {
                    currentContext.Response.Cookies[fullName].Expires = DateTime.Now.AddMonths(-1);
                }
            }
        }

May 16, 2010 at 9:40 PM

As far as i have understod the issue, there is no way to prevent that error from happening.

I added this to my web-applications global.asax:

 

        void Application_Error(object sender, EventArgs e)
        {
            Exception ex = Server.GetLastError().GetBaseException();

            if (ex is Facebook.Utility.FacebookException)
            {
                if (ex.Message.ToLower() == "Session key invalid or no longer valid".ToLower())
                {
                    FacebookService.ClearFacebookCookies(System.Configuration.ConfigurationManager.AppSettings["APIKey"]);
                    Server.ClearError();
                    Response.Redirect("/");
                }
            }

        }

It simply catches the error, clears the cookies and redirects to the root of the site. You could instead redirect to a nice error page, explaining why they got logged out, and make it easy for them to connect again.

Note that FacebookService.ClearFacebookCookies is the same as the code vatlab posted.

 

May 17, 2010 at 9:36 AM
Thanks... This is a good solution for me at this time...
May 17, 2010 at 9:54 AM
...ok infinite loop on redirect... XD
May 17, 2010 at 10:00 AM
...clear Cookies is a good idea? Now when the " Session key invalid or no longer valid" error appear , it not resolve whit redirec on home page, but it repeat always!!