我目前正在開發一個使用官方android FB sdk的android應用程序:所以從認證/授權(SSO)到API調用的所有內容都是通過android FB sdk完成的。Android Facebook應用程序:FB webview(Login webview)cookie有效多久?
但出於安全原因,我不想在手機上存儲我的access_token。現在我有一個關於cookie存儲的Facebook webview(當您第一次登錄時)有點問題。在退出Android應用程序或者終止進程後,似乎即使我沒有在設備上存儲access_token,我仍然可以訪問android應用程序而不提供憑據,因此可能是cookie。
你guyz知道多久了facebook的cookie是有效的?
感謝...
您可能需要手動刪除的cookie,當你用它做。
CookieManager.getInstance().removeAllCookies();
這可能是那種上的所有Cookie核彈,所以檢查的文檔,如果你想上的cookies刪除得到更具體的控制。
http://developer.android.com/reference/android/webkit/CookieManager.html
這裏是被Facebook本身的清除Cookies的實施。
public static void clearFacebookCookies(Context context) {
// setCookie acts differently when trying to expire cookies between builds of Android that are using
// Chromium HTTP stack and those that are not. Using both of these domains to ensure it works on both.
clearCookiesForDomain(context, "facebook.com");
clearCookiesForDomain(context, ".facebook.com");
clearCookiesForDomain(context, "https://facebook.com");
clearCookiesForDomain(context, "https://.facebook.com");
}
private static void clearCookiesForDomain(Context context, String domain) {
// This is to work around a bug where CookieManager may fail to instantiate if CookieSyncManager
// has never been created.
CookieSyncManager syncManager = CookieSyncManager.createInstance(context);
syncManager.sync();
CookieManager cookieManager = CookieManager.getInstance();
String cookies = cookieManager.getCookie(domain);
if (cookies == null) {
return;
}
String[] splitCookies = cookies.split(";");
for (String cookie : splitCookies) {
String[] cookieParts = cookie.split("=");
if (cookieParts.length > 0) {
String newCookie = cookieParts[0].trim() + "=;expires=Sat, 1 Jan 2000 00:00:01 UTC;";
cookieManager.setCookie(domain, newCookie);
}
}
cookieManager.removeExpiredCookie();
}
如果你有Facebook SDK連接到你的項目爲lib。只需調用Session.getActiveSession()。clearFacebookCookies(getApplicationContext());