Facebook Graph API: Facebook API - Saving the OAuth access token in the session


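I'm trying to find a way to stay connected to the Facebook API once authorised using OAuth, but I'm running into problems. I don't want the users of my app to have to log in via Facebook every time they want to use my app.

After the user authenticates with Facebook, I store the OAuth access token in a database, and I have the "offline_access" permission set, so in theory this should be possible.

However, when trying to connect to the Facebook API using the saved OAuth token stored in the database, I get "Uncaught OAuthException: An active access token must be used to query information about the current user."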

header("p3p: CP=\"ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV\""); // hack to stop facebook weird cookie problems

//instantiate the Facebook library with the APP ID and APP SECRET
$facebook = new Facebook(array(
    'appId' => 'appid',
    'secret' => 'secretid',
    'cookie' => true
));

//Get the FB UID of the currently logged in user
$user = $facebook->getUser();

//if the user has already allowed the application, you'll be able to get his/her FB UID
if($user) { 
    //get the user's access token
    $access_token = $facebook->getAccessToken();
} else  {
    //see if authorisation already set up in DB
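    //escape the client ID before it is interpolated into the SQL string
    $query = mysql_query("SELECT oauth_token FROM PingSocialMediaUsers WHERE oauth_provider = 'facebook' AND clientID = '" . mysql_real_escape_string($clientID) . "'");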
    $result = mysql_fetch_row($query); 
    $access_token = $result[0];
}

if($access_token) { 

    //check permissions list
    $permissions_list = $facebook->api(
        '/me/permissions',
        'GET',
        array(
            'access_token' => $access_token
        )
    );

    //check if the permissions we need have been allowed by the user
    //if not then redirect them again to facebook's permissions page
    $permissions_needed = array('publish_stream', 'read_stream', 'offline_access');
    foreach($permissions_needed as $perm) {
        if( !isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1 ) {
            $login_url_params = array(
                'scope' => 'publish_stream,read_stream,offline_access',
                'fbconnect' =>  1,
                'display'   =>  "page",
                'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']
            );
            $login_url = $facebook->getLoginUrl($login_url_params);
            header("Location: {$login_url}");
            exit();
        }
    }

    //if the user has allowed all the permissions we need,
    //get the information about the pages that he or she manages
    $accounts = $facebook->api(
        '/me',
        'GET',
        array(
            'access_token' => $access_token
        )
    );

    //add to details database
    //find the user by ID
    if ($user != ''){
        //escape every value that is interpolated into an SQL string
        //(the profile name comes from Facebook and may contain quotes)
        $safe_user = mysql_real_escape_string($user);
        $safe_client = mysql_real_escape_string($clientID);
        $safe_name = mysql_real_escape_string($accounts['name']);
        $safe_token = mysql_real_escape_string($access_token);

        $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE oauth_provider = 'facebook' AND oauth_uid = '$safe_user'");
        $result = mysql_fetch_array($query);

        // If does not exist add to database
        if(empty($result)){
            $query = mysql_query("INSERT INTO PingSocialMediaUsers (oauth_provider, clientID, oauth_uid, username, oauth_token, oauth_secret) VALUES ('facebook', '$safe_client', '$safe_user', '$safe_name', '$safe_token', '')");
            $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE id = " . mysql_insert_id());
            $result = mysql_fetch_array($query);
        } else {
            //update the tokens
            $query = mysql_query("UPDATE PingSocialMediaUsers SET oauth_token = '$safe_token', oauth_secret = '' WHERE oauth_provider = 'facebook' AND oauth_uid = '$safe_user'");
        }

        //save the information inside the session
        $_SESSION['_token'] = $access_token;
        $_SESSION['accounts'] = $accounts['data'];
    }
    $facebookAuth = TRUE;
}

When Facebook passes an access token to your application, it also passes an expires field; Facebook's default is 2 hours.

There are other factors that cause the access_token to expire; here are the full details

Next we can discuss offline_access, which means

It Enables your app to perform authorized requests 
on behalf of the user at any time. By default, 
most access tokens expire after a short time period to ensure applications 
only make requests on behalf of the user when they are actively 
using the application. This permission makes the 
access token returned by our OAuth endpoint long-lived.

So all of this means you have to make sure you are always using a valid access_token.
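The expiry handling described in the answer above, as an added example that is not part of the original question or answer: record when a stored token expires, check that before use, and treat an OAuthException from the API as proof the token is dead even when the stored expiry says otherwise. The function names, the expires_at column and the sample data are hypothetical, and the code assumes the expires value is a lifetime in seconds.

```php
<?php
// Added example. Function names and the expires_at column are hypothetical.

// Turn the `expires` value delivered with a token into an absolute Unix time.
// Assumption: `expires` is a lifetime in seconds; null or 0 means none stated.
function expiresAt(?int $expires, int $now): ?int
{
    return $expires ? $now + $expires : null;
}

// Local check before using a stored token: present and not past its expiry.
function tokenLooksUsable(?array $row, int $now, int $skew = 60): bool
{
    if (!$row || empty($row['oauth_token'])) {
        return false;
    }
    $exp = $row['expires_at'] ?? null;
    return $exp === null || $exp - $skew > $now;
}

// Server verdict: a decoded error body of type OAuthException means the token
// was rejected (expired, revoked, ...), whatever the stored expiry says.
function tokenRejected(array $response): bool
{
    return ($response['error']['type'] ?? null) === 'OAuthException';
}

// Decide what to do with a stored row and, if available, the last API response.
function nextStep(?array $row, int $now, ?array $response = null): string
{
    if (!tokenLooksUsable($row, $now)) {
        return 'login';              // send the user through getLoginUrl()
    }
    if ($response !== null && tokenRejected($response)) {
        return 'discard_and_login';  // delete the stored token, then log in
    }
    return 'use_token';
}

// Constructed sample data (not real tokens and not captured API output).
$now     = 1700000000;
$fresh   = ['oauth_token' => 'SAMPLE_TOKEN', 'expires_at' => expiresAt(7200, $now)];
$stale   = ['oauth_token' => 'SAMPLE_TOKEN', 'expires_at' => $now - 10];
$offline = ['oauth_token' => 'SAMPLE_TOKEN', 'expires_at' => null];
$error   = ['error' => ['type' => 'OAuthException', 'message' =>
    'An active access token must be used to query information about the current user.']];
foreach ([[$fresh, null], [$stale, null], [$offline, $error], [null, null]] as [$row, $resp]) {
    echo nextStep($row, $now, $resp), "\n";
}
```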


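Are you sure you are using an active access token?

I have integrated the code from Ankur Pansari's "How to handle expired access tokens" and will see whether it works when I try to update a status without logging in tomorrow. Thanks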