Signed request string of Expo.Facebook.logInWithReadPermissionsAsync

#1

In the Javascript version of Facebook SDK for web development, when a user is logged in Facebook, I’ll get the user access token and a signed request string. The signed request string helps verify the correctness of the token at my backend:

FB.getLoginStatus(function(response) {
if (response.status === ‘connected’) {
sendToMyBackendForVerifyAndStore(response.authResponse.accessToken,
response.authResponse.signedRequest);
}
});

When using Expo.Facebook.logInWithReadPermissionsAsync, there seems no such mechanism to ensure the correctness of access token. Do we always trust the result and store these data at backend?

reference:
https://developers.facebook.com/docs/games/gamesonfacebook/login#parsingsr

#2

There is no signed request we get back. This is the result that Facebook provides: https://developers.facebook.com/docs/reference/ios/current/class/FBSDKLoginManagerLoginResult/

closed #3

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.