用于 PHP 的 fb_exchange_token 仅在用户删除应用程序后才有效 [英] fb_exchange_token for PHP only working once user removes app
问题描述
对于我正在构建的 Facebook 应用,我需要比默认的 1 到 2 小时更长的时间.
For a Facebook app that I am building, I require longer time than the default 1 - 2 hours.
我不想使用offline_access",因为它使人们不愿注册该应用,而且现在已经贬值了.
I don't want to use "offline_access" as it puts people off from signing up to the app and is now depreciated.
在开发者路线图中,它谈到了fb_exchange_token",这会将访问令牌的有效期延长至 1 个月.
In the developer road map it talks about "fb_exchange_token" which will extend the access token expiry date to 1 month.
流程是:
登录用户
Login User
调用.../oauth/access_token?...&grant_type=fb_exchange_token&fb_exchange_token=...
Call .../oauth/access_token?...&grant_type=fb_exchange_token&fb_exchange_token=...
这适用于所有新用户,以及从 Facebook 帐户中删除应用并重新添加的用户,但对于我们现有的客户群,它不起作用.
This works fine for all the new users, and for users who delete the app from their Facebook account and re-add it, but for our existing customer base, it doesn't work.
我尝试了各种方法,包括向登录脚本添加其他权限以强制验证窗口,但没有成功.
I have tried all sorts including adding other permissions to the login script to force the authenticate window, but no luck.
如文档中所述,我已为 Facebook 应用添加了正确的高级/迁移设置.除了开发博客之外,似乎没有太多帮助.
I have added the correct advanced/migration setting for the Facebook app as described in the documentation. There doesn't appear to be much help on this, apart from the dev blog.
任何帮助将不胜感激.
仅供参考:我使用的是最新的 PHP SDK,获取新访问令牌的代码只是指向以下 URL 的标准 cURL 请求:
FYI: I'm using the most up-to-date PHP SDK and the code to get the new access token is just the standard cURL request pointing to the following url:
https://graph.facebook.com/oauth/access_token?client_id={APPID}&client_secret={APPSECRET}&grant_type=fb_exchange_token&fb_exchange_token={ACCESSTOKEN}
https://graph.facebook.com/oauth/access_token?client_id={APPID}&client_secret={APPSECRET}&grant_type=fb_exchange_token&fb_exchange_token={ACCESSTOKEN}
再次感谢
推荐答案
我遇到了同样的问题.我注意到的另一件事是:以前拥有 offline_access 权限的用户也可以获得 60 天令牌,以及新授权的用户.
I am having the same issue. One other thing I've noticed: users that previously had the offline_access permission are also able to get the 60 day tokens, as well as newly authorized users.
我打开了一个错误,试图得到 FB 的回复:https://developers.facebook.com/bugs/241373692605971
I opened a bug to try to get a response from FB: https://developers.facebook.com/bugs/241373692605971
这篇关于用于 PHP 的 fb_exchange_token 仅在用户删除应用程序后才有效的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
