I need some help on this one ....

So the problem I am facing is that while fetching the Facebook account from ACAccount, the alert view informs too many permissions. I am getting an alert box when I use the ACAccount login for facebook.

It says APP_NAME would like to access your basic profile info and list of friends

This shows up even when my permissions set is an empty array.

NSArray * FB_PERMISSIONS = @[];
// or FB_PERMISSIONS = @[@"public_profile", @"likes", @"email"];
// It does not matter what the array is -> The alert has extra sentences.

ACAccountType *FBaccountType= [_accountStore accountTypeWithAccountTypeIdentifier:ACAccountTypeIdentifierFacebook];
NSString *key = [[NSBundle mainBundle] objectForInfoDictionaryKey:@"FacebookAppID"];;
NSDictionary *dictFB = [NSDictionary dictionaryWithObjectsAndKeys:key,ACFacebookAppIdKey,FB_PERMISSIONS,ACFacebookPermissionsKey, nil];
[_accountStore requestAccessToAccountsWithType:FBaccountType options:dictFB completion:

What am I trying to do here?

I am just needing the "public_profile", @"email" and "likes". The alert says APP_NAME would like to access your profile, and likes on your behalf. In addition, APP_NAME would like to access your basic profile info and list of friends

Why is that second sentence there? How do I get rid of it? I can see a number of apps where the second line that talks about basic profile and list of friends does not show up.

Expected result:

APP_NAME would like to access your profile and likes.

Update:

Check my answer for solution.

There is nothing in the FB SDK docs that explain any of this. They made this way so that users can use the Facebook pop UI and pick the permissions they want to authorize. I guess Facebook design's philosophy is to give as much control and transparency to the user. But with the OS pop-up it hides a lot of permissions underneath. I guess it's Apple's design philosophy to show minimal information. This works best for developers scenario, as users usually freak out when they see so many permissions being asked by the app.

Anyway, if you take a look at FBSDKLoginManager+Internal.h you can checkout the capabilities for System login. Further digging, I've discovered that FBSDKLoginButton is pointless. The best way to go about this is using your own instance of FBSDKLoginManager, and set the system account type to be native, and if you get the error code 306, fall back to default login mechanism.

Somehow ->> This way does not show additional permissions. I have no idea how. All I know is that everything falls into place now.

Further more, you will have to setup a separate listener for ACAccountStoreDidChangeNotification so that you can tie up some edge cases. But yes, \m/

The Fix

The fix to this problem involves adding code to the view header file as well as adding code to your view file. The code examples are listed below.

To the view header file add:

//  ViewController.h
#import <FBSDKLoginKit/FBSDKLoginKit.h>
@interface ViewController : UIViewController
@property (weak, nonatomic) IBOutlet FBSDKLoginButton *loginButton;
@end

And to the view file add:

loginButton.readPermissions = 
@[@"public_profile", @"email", @"likes"];

Note that the comment in the first example was just for reference.

Why did it happen?

The reason why your problem happened was because the Account Framework and Facebook API think by default that you mean every permission there is. It requires you to be more specific in the code. I am pretty sure that you for got to do the first example of code which was supposed to go in your view header file. I understand that the code above is not what you will put in the file you are working on, but it just gives you a rough idea on doing it.

Still Confused?

If you are still confused please comment below and I will try to update my answer. It would be really helpful if you could send the code you were doing with he arrays filled not blank. If I wasn't clear please tell me and I will do the best I can to help. Sorry if there is any inconvenience!

Sources

Mainly, I found the info on here: https://developers.facebook.com/docs/facebook-login/permissions/overview and over here: https://developers.facebook.com/docs/facebook-login/ios#permissions Facebook is pretty trustworthy and creditable. I think...

Is there a reason you're not using the Facebook API instead? Requesting access via iOS APIs will require the user to be logged into Facebook via the iOS Settings. If you make the same request with Facebook's API, it can detect if the user is logged in via the settings, the FB app, or Safari. And if the user is not logged in, it'll prompt them to do so (as opposed to just erroring out and telling them to do so via settings)

Version 4.X: https://developers.facebook.com/docs/facebook-login/ios/permissions

FBSDKLoginManager *loginManager = [[FBSDKLoginManager alloc] init];
[loginManager logInWithReadPermissions:@[@"public_profile", @"likes", @"email"]
                fromViewController:self
                           handler:^(FBSDKLoginManagerLoginResult *result, NSError *error) {
  //TODO: process error or result
 }];

Version 3.X

[FBSession openActiveSessionWithReadPermissions: @[@"public_profile", @"likes", @"email"]
                                   allowLoginUI:YES
                              completionHandler:
 ^(FBSession *session, FBSessionState state, NSError *error) {
     // Handle completion by calling AppDelegate
 }];