我有一个 Java 网络应用程序,可以将项目发布到我们的用户 facebook 墙上,当用户最初注册时,我们会得到一个 60 天的 access_token,它会保存到我们的数据库中,现在离线访问已被删除,我使用我们的“使用 facebook 登录”按钮在用户登录我们的网站时更新令牌,这一切都很好,因为他们通常会相隔 60 天以上访问。
我已经实现了上述内容并且效果很好......但后来我发现登录操作生成的访问令牌会在 1 小时后过期......显然不好,我们不能在他们不在的时候发布到他们的墙上.
下面的代码演示了我们如何通过 signed_request 方法(在 Java SEAM 应用程序中)获取令牌,这工作正常,但令牌是短暂的
谁能建议如何确保代币是 60 天的类型
谢谢
public void loginWithFacebook(){
accessToken = null;
try {
accessToken = FaceBookSecurity.getFBAccessToken();
} catch (Exception e) {
log.error("Error getting FB access token: "+e);
}
FacebookClient facebookClient = new DefaultFacebookClient(accessToken);
com.restfb.types.User facebookUser = facebookClient.fetchObject("me", com.restfb.types.User.class);
facebookEmail = facebookUser.getEmail();
if (facebookEmail != null) {
new RunAsOperation(true) {
public void execute() {
user = ((UserDAO)Component.getInstance("userDAO")).findByEmail(StringUtils.lowerCase(facebookEmail));
if (user != null && user.getFacebookToken() != null && !accessToken.equals(user.getFacebookToken())) {
user.setFacebookToken(accessToken);
log.error("FB: updating "+user.getFirstname()+" "+user.getSurname()+"s FB token to: "+accessToken);
}
}
}.run();
if (user != null) {
//set the user as logged in
return;
}
}
messagePoster.postPopupErrorMessage(messages.get("facebookLoginFailed"));
}
public static String getFBAccessToken()
throws Exception {
HttpServletRequest request = (HttpServletRequest) FacesContext.getCurrentInstance().getExternalContext().getRequest();
Cookie fbCookie = getFBCookie(request);
String fbCookieValue = fbCookie.getValue();
String[] stringArgs = fbCookieValue.split("\\.");
String encodedPayload = stringArgs[1];
JsonObject data;
try{
String payload = base64UrlDecode(encodedPayload);
// gets the js object from the cookie
data = new JsonObject(payload);
}catch (Exception e){
return "";
}
String authUrl = getAuthURL(data.getString("code"));
URL url = new URL(authUrl);
URI uri = new URI(url.getProtocol(), url.getHost(), url.getPath(),
url.getQuery(), null);
String result = readURL(uri.toURL());
String[] resultSplited = result.split("&");
return resultSplited[0].split("=")[1];
}
// creates the url for calling to oauth.
public static String getAuthURL(String authCode) {
String url = "https://graph.facebook.com/oauth/access_token?client_id="
+ FacebookApp.appId
+ "&redirect_uri=&client_secret="
+ FacebookApp.appSecret + "&code="
+ authCode;
return url;
}
// reads the url.
private static String readURL(URL url) throws IOException {
InputStream is = url.openStream();
InputStreamReader inStreamReader = new InputStreamReader(is);
BufferedReader reader = new BufferedReader(inStreamReader);
String s = "";
int r;
while ((r = is.read()) != -1) {
s = reader.readLine();
}
reader.close();
return s;
}
private static String base64UrlDecode(String input){
return new String(Base64.decodeBase64(input.getBytes()));
}