我正在创建一个代码来使用 PHP SDK 在 facebook 上创建即时文章。我使用它创建了一个登录名,并添加了“public_profile、email、manage_pages、pages_show_list、pages_manage_instant_articles”权限。
当用户点击登录按钮时,它要求所有这些权限。如果用户是页面的管理员并且他使用它登录,他就能够在该页面上创建即时文章。但是,当具有该页面的编辑角色的用户尝试登录时,会要求他提供所有这些权限,即使他允许所有这些权限,他仍然无法创建即时文章。在错误日志中,有如下错误:
PHP 致命错误:未捕获的 Facebook\Exceptions\FacebookAuthorizationException:(#200)需要扩展权限:../facebook-php-sdk-v4-5.0.0/src/Facebook/Exceptions/FacebookResponseException.php:120 中的 pages_manage_instant_articles
在第一次登录时,编辑用户被要求提供所有权限,他批准了所有,但仍然出现此错误。现在,当他尝试再次登录时,不会要求他提供权限。我已经通过“/me/permissions”端点检查了编辑角色用户的权限。作为响应,“email、user_friends、pages_show_list 和 public_profile”权限的状态为“已授予”,但没有关于“manage_pages 和 pages_manage_instant_articles”权限的任何详细信息。
对于管理员角色用户,所有代码都可以正常工作,并且即时文章也使用 PHP SDK 创建,但此问题仅针对编辑角色用户。
这是我尝试过的代码,我没有在此处包含我的 app-id、app-secret、page-id 和 article-html:
<?php
session_start();
$page_id = '{page-id}';
$app_id='{app-id}';
$app_secret='{app-secret}';
require_once 'testing/facebook-php-sdk-v4-5.0.0/src/Facebook/autoload.php';
if(!isset($_GET['user'])){
?>
<!DOCTYPE html>
<html>
<head>
<title>Facebook Login JavaScript Example</title>
<meta charset="UTF-8">
</head>
<body>
<script>
// This is called with the results from from FB.getLoginStatus().
function statusChangeCallback(response) {
console.log('statusChangeCallback');
console.log(response);
// The response object is returned with a status field that lets the
// app know the current login status of the person.
// Full docs on the response object can be found in the documentation
// for FB.getLoginStatus().
if (response.status === 'connected') {
// Logged into your app and Facebook.
//testAPI();
var accessToken = response.authResponse.accessToken;
console.log('access token -: '+accessToken);
location.href="instant_article.php?user=logged_in";
} else if (response.status === 'not_authorized') {
// The person is logged into Facebook, but not your app.
document.getElementById('status').innerHTML = 'Please log ' +
'into this app.';
} else {
// The person is not logged into Facebook, so we're not sure if
// they are logged into this app or not.
document.getElementById('status').innerHTML = 'Please log ' +
'into Facebook.';
}
}
// This function is called when someone finishes with the Login
// Button. See the onlogin handler attached to it in the sample
// code below.
function checkLoginState() {
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
}
window.fbAsyncInit = function() {
FB.init({
appId : <?= $app_id ?>,
cookie : true, // enable cookies to allow the server to access the session
xfbml : true, // parse social plugins on this page
version : 'v2.6' // use graph api version 2.5
});
// Now that we've initialized the JavaScript SDK, we call
// FB.getLoginStatus(). This function gets the state of the
// person visiting this page and can return one of three states to
// the callback you provide. They can be:
//
// 1. Logged into your app ('connected')
// 2. Logged into Facebook, but not your app ('not_authorized')
// 3. Not logged into Facebook and can't tell if they are logged into
// your app or not.
//
// These three cases are handled in the callback function.
FB.getLoginStatus(function(response) {
statusChangeCallback(response);
});
};
// Load the SDK asynchronously
(function(d, s, id) {
var js, fjs = d.getElementsByTagName(s)[0];
if (d.getElementById(id)) return;
js = d.createElement(s); js.id = id;
js.src = "//connect.facebook.net/en_US/sdk.js";
fjs.parentNode.insertBefore(js, fjs);
}(document, 'script', 'facebook-jssdk'));
</script>
<!--
Below we include the Login Button social plugin. This button uses
the JavaScript SDK to present a graphical Login button that triggers
the FB.login() function when clicked.
-->
<fb:login-button scope="public_profile,email,manage_pages,pages_show_list,pages_manage_instant_articles" onlogin="checkLoginState();">
</fb:login-button>
<div id="status">
</div>
</body>
</html>
<?php
}else{
$fb = new Facebook\Facebook([
'app_id' => $app_id,
'app_secret' => $app_secret,
'default_graph_version' => 'v2.6',
'default_access_token' => $app_id.'|'.$app_secret
]);
$oAuth2Client = $fb->getOAuth2Client();
$helper = $fb->getJavaScriptHelper();
$sr = $helper->getSignedRequest();
$user_id = $sr ? $sr->getUserId() : null;
if ( $user_id ) {
try {
// Get the access token
$accessToken = $helper->getAccessToken();
$_SESSION['user_token'] = (string) $accessToken;
} catch( Facebook\Exceptions\FacebookSDKException $e ) {
// There was an error communicating with Graph
echo "SDK error: ".$e->getMessage();
unset($_SESSION['user_token']);
} catch(Facebook\Exceptions\FacebookResponseException $e) {
// When Graph returns an error
echo 'Graph returned an error: ' . $e->getMessage();
unset($_SESSION['user_token']);
}
if (! isset($accessToken)) {
echo 'No cookie set or no OAuth data could be obtained from cookie.';
unset($_SESSION['user_token']);
}else{
if($accessToken->isExpired()){
unset($_SESSION['user_token']);
echo "<script>location.href='instant_article.php'</script>";
exit;
}
}
if(!isset($_SESSION['user_token'])){
echo "<script>location.href='instant_article.php'</script>";
exit;
}
try {
// Exchanges a short-lived access token for a long-lived one
$userToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
$long_token = $userToken->getValue();
} catch(Facebook\Exceptions\FacebookSDKException $e) {
// There was an error communicating with Graph
echo 'SDK error: '.$e->getMessage();
exit;
}
/*$res_perms = $fb->get('/me/permissions?access_token='.$long_token,$long_token,'','v2.6');
echo "<pre>";
print_r($res_perms);
exit;*/
$res_page = $fb->get('/'.$page_id.'?fields=access_token',$long_token,'','v2.6');
$page_info = $res_page->getDecodedBody();
$page_token = $page_info['access_token'];
$article_html = '{ html of article goes here}';
if(trim($article_html) != ""){
$page_params = array(
'access_token'=>$page_token,
'html_source'=>$article_html,
'development_mode'=>true
);
$res_article = $fb->post('/'.$page_id.'/instant_articles',$page_params,$page_token);
}
}
}
?>
如果有人可以帮助我,那就太好了。