The Facebook Graph API v2.4 is enabled in apps created as of July 8, 2015. This API is supported from GeneXus X Evolution 3 Upgrade 4 for Facebook Authentication. This version of Facebook's API is not supported in previous versions of GeneXus.
- They work in the same way as with previous versions with GeneXus. The only changes required are those related to the upgrade.
If the GeneXus Access Manager (GAM) administrator upgrades the API from v2.3 (or older) to v2.4, it must be taken into account that FB returns a different GUID per user when the application is changed. That is to say, when a user who had already been registered in GAM with FB app < v2.4 logs into the application after upgrading to FB v2.4, FB returns a different GUID for this user. This would imply that the user needs to be registered again in the GAM, and any relationship existing with other tables would be lost.
To solve this issue, at the application level, the GAM automatically checks for the existence of a user with the same email address (among the users authenticated via FB in GAM). The second time that the user logs into the application, if he is already registered in GAM with an email address, a new user isn't created even if a different FB GUID is used. Instead, the existing GAM user is updated.
In this case, the developer doesn't have to do anything.
However, if the user has already logged in before but for any reason, his email address isn't registered in GAM, these heuristics can't be applied. Also, a new user may be created in GAM with the new GUID. As a result, any existing relationships with other tables based on the user GUID may be lost.
For some users -due to the way in which they are defined in Facebook- FB doesn't return their email addresses when authenticating via OAuth.
In this case, when GAM is applied, an email is automatically saved by default. For example, ExternalID@facebook.com.
Once the user's email is saved in GAM, it is not changed when the user logs in again. That is to say, if the user's email is changed directly from the GAM API, it is not updated.
This can be used as WA so that the user is not created again if the FB API version is changed. That is to say, the email returned by FB in the user profile can be forced so that the logic to confirm that users are unique works correctly.