Auth permission level changes to SDK

[sshadmand]

Hey SDK team. I noticed that when I gave FB permission to post a comment from the app it only requested the "comment to my wall" level permissions.
If we want to get the friend count of a user that has authed but only to that level won't it limit our ability to do so?

Jason Polites [email protected]

I think this is correct, but I think it's not a no big deal, although we may have to make some changes to the SDK.

If we add new permission, the new SDK will know it's the new SDK and know that any stored user credentials will not have these permissions so it needs to re-auth the user. I know for Android that I don't currently store the actual permissions the user has authorized so I would need to add that.

Twitter permissions are controlled by the developer on the Twitter App via the twitter website, so we also may need to handle this somehow.

[nwg]

We should have a (currently required) reason for any permission we ask for, or people might reject auth altogether. As Jason states, if we do need to upgrade perms in the future we can cleanly reauth.

For Twitter, we currently require twitter read-write, but not direct-message, be configured by the dev for things to work correctly.