This is a known issue: http://www.mulesoft.org/jira/browse/MULE-6847
Also the fact that http://www.mulesoft.org/jira/browse/CLDCONNECT-185 has been closed Unresolved
with a Usage Issue
status makes me wonder if doing anything but crafting an HTTP response in the flow that contains <facebook:authorize />
is actually discouraged.
You may want to upvote/watch/comment/re-open these issues if you think you have a strong case for it.