1st October 2011 past already….. and hopefully, the OAuth 2.0 and SSL migration item should have been handled by Facebook developers already (at least for their most important apps).
To move a step further, Facebook announced today that they are auto-enabling two migrations in the Dev App: signed_request for Canvas and Encrypted Access Token.
- If your apps do not have code with depends on fb_sig, then you should be safe when the “signed_request for Canvas” is enabled
- And if you have not been trying to “decode” the access token (such as trying to get the user ID from it), then enabling the “encrypted access token” should have no impact to you.
More important that the above is that, althought the old / not migrated apps may continue to work at the moment, they will break when Facebook remove the non-OAuth endpoints.
So, just in case you are still in the progress of converting your apps, you still have time.