You can change an application's permissions on Facebook's authorization page, but this will only work if the application does not check a user's allowed permissions when the loop goes back to the application. If the developer checks the permissions granted based on the retrieved access token (via https://graph.facebook.com/me/permissions?access_token=USER_...), he/she can see which permissions have been allowed by the user. The developer can then just disallow your use of the app until you allow all permissions.
http://thephpleague.com/
They are very high-quality libraries.