I am trying to implement the latest FDT source (changeset 50830) with the new Facebook permissions API. This is an existing Iframe MVC app which has been working well up until now. I am seeing exceptions and/or empty session data in any scenario
except where the user is already logged in and is already an app user.
To simplify the repro of the problems I am seeing I made a very simple test controller:
public class TestController : Controller
[FacebookAuthorization(IsFbml = false)]
public ActionResult Index()
var api = this.GetApi();
ViewData["userid"] = api.Session.UserId;
And all the view does is display the userid from ViewData.
My expectation is that the user is prompted to log into facebook (if they are not already logged on) and prompted to add the app and accept app TOS (if they are not already an app user) prior to rendering the View which simply displays the userid.
Here is what actually happens:
If the user is not logged in and not an app user:
I get prompted to log in and prompted to add the app (good!)
Then I get an exception on line 473 of Utilities.cs,
var o = serializer.Deserialize<T>(response);
The exception is "Invalid JSON Primitive", and a sanitized version of the response it is trying to parse is:
This looks like a double-response which I guess is what is triggering the exception. How does this happen? It doesn't happen on subsequent page requests, just the first one in this scenario.
After this I get an exception on line 155 of IFrameCanvasSession.cs where it tries to format the redirect URL, the exception is Input string is not in a correct format
Now at this point if I try to re-load the same page, it all works and the userid is displayed on the view correctly. Setting a breakpoint on line 473 of Utilities.cs shows that this time, there is a single JSON object in the
response (no repeats)
If the user is not logged in and is already an app user, OR if the user is logged in and is not an app user:
The View renders with no exceptions, but the session information is empty and the userID is 0.
The user is never prompted to log in, and if they are not an app user already they are not prompted to add the app.
I thought the point of the [FacebookAuthorization(IsFbml = false)] controller method decoration was to force a Facebook login, and that's how it worked on the 3.0 FDT.
Normally I would go on to do some FQL and other API calls requiring a current session and userID, and these would fail if I was in this state since userid == 0. If I refresh the page it stays the same...userID == 0.
An interesting side note on the scenario where the user is logged in and is not an app user is that the app now appears in the user's list of installed applications, although the user was never prompted to add the app or accept
If the user is logged in and is an app user:
Works as expected. UserID and session info are populated and available for use in other API calls.
I'm not sure if it is relevant, but I'm using .NET 4.0, MVC 2.0, and VS2010
Are there many folks using MVC with the FDT? It looks like the MVC samples were pulled (they did exist at one point didn't they? Or are we all just going off the Kevin Marshall blog post?)