Can you upload new version with updated dependencies and add ability to disable token caching? As I read in facebook docs, after user has changed his password token must become invalid, but it's not, and user can still get it from cache (preferences) and use. Which is not good.
Also it would be good to have callbacks for logout and unsuccessful login events