--- a/fb.js	Wed Aug 10 18:23:25 2011
+++ b/fb.js	Sun Aug 21 17:51:46 2011
@@ -27,7 +27,7 @@
  * Finish initializing, whether there is an application or not.
  */
 FB_JS.initFinal = function(response) {
-  var status = {'session' : response.session, 'response': response};
+  var status = {'session' : response.authResponse, 'response': response};
   jQuery.event.trigger('fb_init', status);  // Trigger event for third-party modules.
 
   FB_JS.sessionChange(response); // This will act only if fbu changed.
@@ -42,7 +42,7 @@
  */
 FB_JS.eventSubscribe = function() {
   // Use FB.Event to detect Connect login/logout.
-  FB.Event.subscribe('auth.sessionChange', FB_JS.sessionChange);
+  FB.Event.subscribe('auth.authResponseChange', FB_JS.sessionChange);
 
   // Q: what the heck is "edge.create"? A: the like button was clicked.
   FB.Event.subscribe('edge.create', FB_JS.edgeCreate);
@@ -75,7 +75,7 @@
  */
 FB_JS.reload = function(destination) {
   // Determine url hash.
-  var session = FB.getSession();
+  var session = null; // FB.getSession() FAILS! REMOVE or REPLACE.
   var fbhash;
   if (session != null)
     fbhash = session.sig; // Use sig rather than compute a new hash.
@@ -137,10 +137,10 @@
     // @TODO can we test if third-party cookies are disabled?
   }
 
-  var status = {'changed': false, 'fbu': null, 'session': response.session, 'response' : response};
+  var status = {'changed': false, 'fbu': null, 'session': response.authResponse, 'response' : response};
 
-  if (response.session) {
-    status.fbu = response.session.uid;
+  if (response.authResponse) {
+    status.fbu = response.authResponse.userID;
     if (Drupal.settings.fb.fbu != status.fbu) {
       // A user has logged in.
       status.changed = true;
@@ -180,7 +180,7 @@
   };
 
   if (status.session) {
-    data.fbu = status.session.uid;
+    data.fbu = status.session.userID;
     // Suppress facebook-controlled session.
     data.fb_session_handoff = true;
   }
@@ -196,7 +196,7 @@
   if (Drupal.settings.fb.ajax_event_url) {
 
     // Session data helpful in ajax callbacks.  See fb_settings.inc.
-    request_data.fb_js_session = JSON.stringify(FB.getSession());
+    // request_data.fb_js_session = JSON.stringify(FB.getSession()); // FB.getSession() FAILS! REMOVE or REPLACE.
     if (typeof(Drupal.settings.fb_page_type) != 'undefined') {
       request_data.fb_js_page_type = Drupal.settings.fb_page_type;
     }
@@ -264,7 +264,7 @@
       // Respond to our jquery pseudo-events
       var events = jQuery(document).data('events');
       if (!events || !events.fb_session_change) {
-	jQuery(document).bind('fb_session_change', FB_JS.sessionChangeHandler);
+	   jQuery(document).bind('fb_session_change', FB_JS.sessionChangeHandler);
       }
 
       // Once upon a time, we initialized facebook's JS SDK here, but now that is done in fb_footer().

--- a/fb.module	Wed Aug 10 17:33:23 2011
+++ b/fb.module	Sun Aug 21 17:30:28 2011
@@ -173,6 +173,7 @@
     'xfbml' => FALSE,
     'status' => FALSE,
     'cookie' => variable_get(FB_VAR_USE_COOKIE, TRUE),
+    'oauth' => TRUE,
   );
 
   if ($_fb_app) {
@@ -191,18 +192,18 @@
     if ($_fb) {
 
       // Look for session info from several sources.
-      if ($session = $_fb->getSession()) {
+      if ($session['uid'] = $_fb->getUser()) {
         // Learned session from cookie or signed request.
         // Below, we store in our $_SESSION, just in case third-party cookies are not enabled.
       }
       elseif (isset($_REQUEST['fb_js_session'])) {
         // Ajax callback via fb.js.
-        $_fb->setSession(json_decode($_REQUEST['fb_js_session'], TRUE));
-        $session = $_fb->getSession();
+        $session = json_decode($_REQUEST['fb_js_session'], TRUE);
+        $_fb->setAccessToken($session['access_token']);
       }
-      elseif (isset($_SESSION['fb'][$_fb_app->id]['session']) && arg(0) != 'logout') {
+      elseif (isset($_SESSION['fb'][$_fb_app->id]['session']) && arg(1) != 'logout') {
         // Use the session previously stored.
-        $_fb->setSession($_SESSION['fb'][$_fb_app->id]['session']);
+        $session = $_SESSION['fb'][$_fb_app->apikey]['session'];
       }
 
       // Store session for future use.  We'll need it if third-party cookies
@@ -212,7 +213,7 @@
       }
 
       // Make javascript work even when third-party cookies disabled.
-      $fb_init_settings['session'] = $_fb->getSession();
+      $fb_init_settings['session'] = $session;
 
       // Sometimes when canvas page is open in one tab, and user logs out of
       // facebook in another, the canvas page has bogus session info when
@@ -221,7 +222,7 @@
         if (!isset($request['user_id']) ||
             $request['user_id'] != $session['uid']) {
           _fb_logout();
-          $_fb->setSession(NULL);
+          // $_fb->setSession(NULL); // REMOVE or REPLACE
           unset($session);
           unset($_SESSION['fb'][$_fb_app->id]);
           unset($fb_init_settings['session']);
@@ -235,7 +236,7 @@
                 ));
 
       // See if the facebook user id is known
-      if ($fbs = $_fb->getSession()) {
+      if ($fbs = $session) {
         fb_invoke(FB_OP_APP_IS_AUTHORIZED, array(
                     'fb_app' => $_fb_app,
                     'fb' => $_fb,
@@ -502,8 +503,7 @@
     $cache_key .= '_' . $fbu;
     // Get the user access token.
     if ($fbu == 'me' || $fbu == fb_facebook_user($fb)) {
-      $session = $fb->getSession();
-      $cache[$cache_key] = $session['access_token'];
+      $cache[$cache_key] = $fb->getAccessToken();
     }
     else {
       $session_data = fb_invoke(FB_OP_GET_USER_SESSION, array(

--- a/fb_connect.js	Wed Aug 10 17:33:20 2011
+++ b/fb_connect.js	Sun Aug 21 17:55:03 2011
@@ -57,12 +57,12 @@
     // Let's try to clean up the mess.
     FB_JS.deleteCookie('fbs_' + FB._apiKey, '/', ''); // app id
     FB_JS.deleteCookie('fbs_' + Drupal.settings.fb.apikey, '/', ''); // apikey
-  }
-  if (FB.getSession()) {
+  }/*
+  if (FB.getSession()) { // FB.getSession() FAILS! REMOVE or REPLACE.
     // Facebook needs more time to log us out. (http://drupal.org/node/1164048)
     Drupal.settings.fb.reload_url = Drupal.settings.fb_connect.front_url;
     return false;
-  }
+  }*/
 };
 
 /**

--- a/fb_connect.module	Wed Aug 10 17:33:24 2011
+++ b/fb_connect.module	Tue Aug 16 23:12:59 2011
@@ -148,7 +148,7 @@
       // @TODO fb.module should have a helper to make this cleaner.
 
       $settings['fb_init_settings']['appId'] = $fb_app->id;
-      $settings['fb_init_settings']['session'] = $fb->getSession();
+      //$settings['fb_init_settings']['session'] = $fb->getSession();
       fb_js_settings('apikey', $fb_app->apikey);
       fb_js_settings('fbu', fb_facebook_user($fb));
       fb_js_settings('fb_init_settings', $settings['fb_init_settings']);

--- a/fb_user.module	Wed Aug 10 17:33:20 2011
+++ b/fb_user.module	Sun Aug 21 20:22:13 2011
@@ -697,10 +697,10 @@
  * User has logged out.
  */
 function fb_user_user_logout($account) {
-  global $user, $_fb_app;
+  global $user, $_fb_app, $_fb;
 
   if (fb_facebook_user() &&
-      fb_api_check_session($GLOBALS['_fb'])) {
+      fb_api_check_session($_fb)) {
     // Log out of facebook, as well as Drupal. Note that code in
     // fb_connect.js and fb_canvas.js attempts to call FB.logout. However,
     // that code is not reached if the user types "/logout" directly into
@@ -716,7 +716,7 @@
     else {
       $next_url = url('<front>', array('absolute' => TRUE, 'fb_canvas' => fb_is_canvas()));
     }
-    $logout_url = $GLOBALS['_fb']->getLogoutUrl(array(
+    $logout_url = $_fb->getLogoutUrl(array(
                     'next' => $next_url,
                     'cancel_url' => $next_url,
                   ));
@@ -1041,7 +1041,7 @@
       $info = $_fb->api($fbu);
       if (isset($info['email']) &&
           ($email = $info['email'])) {
-        return user_load(array('mail' => $email));
+        return user_load_by_mail($email);
       }
     }
     catch (Exception $e) {
@@ -1163,7 +1163,7 @@
     $fb = fb_api_init($fb_app);
     $info = fb_users_getInfo(array($fbu), $fb); // TODO deprecated
     $data = $info;
-    $mail = $data['proxied_email'];
+    $mail = $data[0]['proxied_email'];
   }
 
   return $mail;

--- a/fb_devel.module	Wed Aug 10 17:33:21 2011
+++ b/fb_devel.module	Tue Aug 16 23:13:06 2011
@@ -643,7 +643,7 @@
     catch (FacebookApiException $e) {
       fb_log_exception($e, "failed to get app properties");
     }
-    $info["fb->getSession()"] = $_fb->getSession();
+   // $info["fb->getSession()"] = $_fb->getSession();
     $info["fb->getSignedRequest()"] = $_fb->getSignedRequest();
     if ($fbu) {
       try {

--- a/fb_url_rewrite.inc	Wed Aug 10 17:33:23 2011
+++ b/fb_url_rewrite.inc	Mon Aug 15 20:58:05 2011
@@ -149,7 +149,7 @@
   global $language;
 
   // Check language configuration mode.
-  $mode = variable_get('language_negotiation', LANGUAGE_NEGOTIATION_NONE);
+  $mode = variable_get('language_negotiation', '');
 
   //dpm(func_get_args(), 'fb_settings_url_rewrite_outbound'); // debug
   // See if this is a request for us.

--- a/contrib/fb_test.module	Wed Aug 10 17:33:34 2011
+++ b/contrib/fb_test.module	Tue Aug 16 23:27:14 2011
@@ -108,7 +108,7 @@
                            'access_token' => $test_account['access_token'], // Only when account is authorized
                          ));
         if ($data['name']) {
-          $markup .= " $data[name] (<a href=$data[link]>profile</a> | <a href=https://graph.facebook.com/{$test_account[id]}?access_token={$test_account[access_token]}>graph</a> | <a href=https://graph.facebook.com/{$test_account[id]}?access_token=" . fb_get_token($fb) . ">graph2</a>) ";
+          $markup .= " " . $data['name'] . " (<a href=$data[link]>profile</a> | <a href=https://graph.facebook.com/{" . $test_account['id'] . "}?access_token={" . $test_account['access_token'] . "}>graph</a> | <a href=https://graph.facebook.com/{" . $test_account['id'] . "}?access_token=" . fb_get_token($fb) . ">graph2</a>) ";
         }
       }