10

Is it possible to extend the 60 day access token? I read somewhere that when a user visits your site it can be extended? (for another 60 days)? Will this be the same token or a new token entirely?

I basically want offline_access like it used to be. I have a small jquery script that displays the user's facebook wall on their own site.

I also read this:

""You will need to get the user to reauthenticate again within 60 days to grab a new token." --- nope. As long as there is publish_stream permitted - you don't need user's tokens ever. Until user deletes the application from apps list - you can post the messages, even after 100 years. So, no, there is no reason to persist any token additionally to application key and secret – zerkms Apr 5 at 9:02"

Is this true? Obviously I do not need publish permissions, I only want read stream permissions.

--Update:

Quote from FB:

"If you would like to refresh a still valid long-lived access_token, you will have to get a new short-lived user access_token first and then call the same endpoint below. The returned access_token will have a fresh long-lived expiration time, however, the access_token itself may or may not be the same as the previously granted long-lived access_token"

So how exactly do you get an entirely new token? FB.login method simply returns the existing (non-expired) token. Any ideas?

4

4 回答 4

3

为了延长访问令牌到期日期的使用,

https://graph.facebook.com/oauth/access_token?             
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN

有关更多详细信息,请查看http://developers.facebook.com/roadmap/offline-access-removal/

于 2012-09-24T05:50:15.050 回答
2

不可以。您不能延长通证超过 60 天,您只能延长短期通证,当您这样做时,您会得到一个长期通证,即 60 天。

您也可以拥有所有权限,但除非您拥有有效的访问令牌,否则您无法发出 api 请求(好吧,您可以但会遇到异常)。

我不确定你是如何获得 60 天令牌的,如果它是客户端(然后扩展它)还是服务器端,但根据删除 offline_access 权限官方帖子:

场景 3:服务器端 OAuth 开发者

...

如果在该用户仍有有效的长寿命用户 access_token 时进行调用,则第二次调用返回的用户 access_token 可能相同或可能已更改,但在任何一种情况下,到期时间都将设置为 long到期时间。

或者

场景 4:客户端 OAuth 和通过新端点延长 Access_Token 过期时间

……

请注意,端点只能用于扩展短期用户 access_tokens。如果您传递具有长期过期时间的 access_token,端点将简单地将相同的 access_token 传递回您,而不会更改或延长过期时间。

...

于 2012-05-22T09:46:51.677 回答
1

您可以使用 PHP SDK 使用以下代码

$extendedToken = $facebook->setExtendedAccessToken();
$token = $facebook->getAccessToken();
print_r($token);

在用户登录并为您提供所需的权限后。在简单地使用 Graph API 调用之后,您还可以检索其他扩展访问令牌,例如 Page

$facebook->api('<PAGE_ID>?fields=access_token');

这将返回页面的扩展访问令牌。前提是您已请求 manage_page 权限。

于 2012-09-25T07:03:14.567 回答
0

Sujathan 是正确的 - 有一个 Facebook 页面记录了更改后的操作:http: //developers.facebook.com/roadmap/offline-access-removal/

向以下 url 发送获取请求:

https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN

此外,看起来这是重复的:How to extend access token validation since offline_access deprecation

于 2012-09-26T02:47:22.340 回答