I'm doing a small Windows application for fun that uses the Facebook SDK for .NET (NuGet version 6.4.2) to log
into Facebook and retrieve some information.
The thought is that the user should be able to log out again and log in with another account if he/she so wishes.
I use a
WebBrowser control to present the user with the login dialog, and once the login is done and I have received the access token, I hide that web browser and do
my nasty business.
That part was actually quite easy to do. I've posted a full article about the whole Facebook interaction thingy elsewhere, so I'm not going to go into that now.
The full article can be found here: FriendTracker - A Winforms application that interacts with Facebook
I thought that implementing the logout functionality would be just as simple. According to the documentation, this code should do it:
private string DoLogOut()
dynamic parameters = new ExpandoObject();
parameters.next = HttpUtility.UrlEncode(@"http://www.google.com", Encoding.UTF8);
parameters.access_token = _accessToken;
var fb = new FacebookClient(_accessToken);
Uri logoutUri = fb.GetLogoutUrl(parameters);
Navigating to the Logout url should log the user out of Facebook and redirect the webbrowser to the
URL specified in the "next" parameter.
I've found varying information about whether or not it's necessary to
UrlEncode the "next"
URL and whether or not it's necessary to specify the access token
as a specific parameter and not just in the constructor of the
FacebookClient object. So I tried a lot of different combinations.
But no matter what I did, it wouldn't work. All that happened was that my webbrowser was redirected to the Facebook timeline, and that the user was STILL logged in.
I Googled for many hours, and I saw that a lot of other developers had the same problem - Some claim that it's a known Facebook bug, but seeing that it seems to have been around
for at least 2-3 years, I find it hard to believe that they haven't had time to fix it yet; Nevertheless, I found a lot of different suggestions to solutions and none of them seemed to work.
One suggestion for a dirty workaround (but the only solution I can find right now that does the job) is to inject a
invoke it to click the logout button.
That solution isn't applicable straight off the shelf, though, because it seems like there is no longer any logout button on the timeline page. There IS, however,
a menu with a "Log out" menu item that submits a hidden logout form.
So my solution to everything is to check if the page contains a form with the id "
I do that in the WebBrowser Navigated event:
private void LoginWebBrowserNavigated(object sender, WebBrowserNavigatedEventArgs e)
if (loginWebBrowser.Document != null)
HtmlElement logoutForm = loginWebBrowser.Document.GetElementById("logout_form");
if (logoutForm != null)
if (e.Url.AbsoluteUri.StartsWith(@"https://www.facebook.com/index.php") ||
The last piece of code that checks for index.php is used to redirect back to the login page so that the user can log in with another account (or the same once more).
Don't be confused by the name loginWebBrowser - It's the same webbrowser used for the login and logout. I could have named it differently, but at the end of the day,
I decided that it didn't matter a whole lot.
- Version 1.00 - Initial publish.