Facebook logout when not authorized

Question

I'm building a public installation using an iPad, built as an iOS web app (using the "Add to Home Screen" functionality) which is going to allow users to share content on Facebook.

I'm currently logging the user in to Facebook and getting them to authorize my Facebook app when they click my custom share button. On a successful login, I open Facebook's Feed dialog and allow them to share. Once they have shared (or clicked cancel) I automatically log them out, making sure that the next user that uses the public installation won't be able to share to the previous user's Facebook account.

This all works well, but things get tricky if someone was to hit my custom share button, log in to Facebook and then not allow my app. This would mean that they have logged in, but as they haven't authorized the app, I don't have an access token, and so can't log them out (FB.logout() requires an access token).

Is there a way around this? Or is there another way that I can log a user out? Or is there a safe way to allow a user of a public installation (built in HTML) to share on Facebook and be automatically logged out afterwards? Would building a native obj-c app, and using Facebook's iOS SDK help?

The best I can think of is that if the user logs in but doesn't allow the application, they are told that they need to log out, and redirected to Facebook to be able to do this. However this offers them the chance to browse Facebook and (through shared links in their feed) the whole Internet - this isn't acceptable for our installation.

Answer 1

I solved this problem by creating a native iOS app, where the Facebook share link opened in it's own UIWebView. And once the sharing was complete, I deleted all session & cookie information, effectively logging the user out.