续订长寿命访问令牌服务器端 [英] Renew long lived access token server side

问题描述

我们正在从 facebook 中检索长期存在的访问令牌，但是我们需要自动更新此令牌，以便它不会每 60 天过期一次.

We are retrieving the long lived access token from facebook fine, however we need to renew this token automatically so that it does not expire every 60 days.

阅读说明您只能使用端点交换短期令牌的文档.

Reading the documentation it says you can only exchange short lived tokens using the endpoint.

由于我们没有短期令牌，我们如何在无需每 60 天手动重新授权的情况下在服务器端执行此操作?

As we don't have the short lived token, how can we do this server-side without having to manually re-authorize every 60 days?

推荐答案

无限扩展令牌是不可能的.请参阅此处的场景 4 https://developers.facebook.com/roadmap/offline-access-移除/:

it is not possible, to extend token endlessly. See Scenario 4 here https://developers.facebook.com/roadmap/offline-access-removal/:

使用下面的新端点，您将能够扩展现有、未过期、短期用户的过期时间访问令牌.请注意，端点只能用于扩展短期用户 access_tokens.如果你传递一个 access_token有一个很长的过期时间，端点将简单地通过相同的 access_token 返回给您，而无需更改或扩展过期时间.

Using the new endpoint below, you will be able to extend the expiration time of an existing, non-expired, short-lived user access_token. Please note, the endpoint can only be used to extend the short-lived user access_tokens. If you pass an access_token that had a long-lived expiration time, the endpoint will simply pass that same access_token back to you without altering or extending the expiration time.

要获得长期存在的用户 access_token 只需传递您自己的 client_id(你的 app_id)、你的 app_secret 和未过期的、短暂的access_token 到下面的端点.你会得到一个新的长寿命用户access_token；此 access_token 将另外存在到传递到端点的短期 access_token.如果你想刷新一个仍然有效的长期访问令牌，你必须先获得一个新的短期用户access_token和然后在下面调用相同的端点.返回的 access_token 将具有一个新的长期过期时间，但是，access_token 本身可能与之前授予的长寿命相同也可能不同access_token.

To get the long-lived user access_token simply pass your own client_id (your app_id), your app_secret, and the non-expired, short-lived access_token to the endpoint below. You will be returned a new long-lived user access_token; this access_token will exist in addition to the short-lived access_token that was passed into the endpoint. If you would like to refresh a still valid long-lived access_token, you will have to get a new short-lived user access_token first and then call the same endpoint below. The returned access_token will have a fresh long-lived expiration time, however, the access_token itself may or may not be the same as the previously granted long-lived access_token.

这篇关于续订长寿命访问令牌服务器端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！