自5月1日起弃用后，offline_access将如何工作？ [英] How would offline_access work after deprecation after May 1st?

问题描述

我做了一些测试，发现结果与Facebook的文档相矛盾。 https://developers.facebook.com/roadmap/offline-access-removal/

I did some test, the result I found contradicts Facebook's documentation. https://developers.facebook.com/roadmap/offline-access-removal/

如果启用不赞成脱机访问：并要求offline_access，则在移动客户端上，我们会自动获得一个有效期为60天的令牌，而无需升级SDK 。看来Facebook使客户更容易，不需要升级。这就是在Facebook上所说的。 将不再要求迁移到此功能的应用程序离线访问。它们将被授予长期访问令牌，如果用户一段时间未使用该应用程序，令牌将过期。一段时间没有记录。

If we enable the "Deprecate offline access:" and ask for offline_access, at mobile client, we automatically get a token valid for 60 days, without upgrading the SDK. It seems Facebook made it easier for clients, no upgrade is needed. This is what is said on Facebook. "Apps migrating to this feature will no longer be asked for offline_access. They will be issued long lived access tokens which will expire if the user has not used the app in a while. " How long is the "a while" is not documented.

如果我升级SDK，则不会触发extensionToken方法，因为令牌的有效期为60天。如果我们强制扩展令牌，则会从Facebook收到以下错误，我不知道这是什么意思。

If I upgrade the SDK, extendingToken method is not triggered, because the token is valid for 60 days. If we force to extend the token, we got the following error from Facebook, which I have no clue what it means.

Error Domain=facebookErrDomain Code=10 "The operation couldn’t be completed. (facebookErrDomain error 10.)" UserInfo=0x1404bb70 {request_args=(
        {
        key = method;
        value = "auth.extendSSOAccessToken";
    },
        {
        key = sdk;
        value = ios;
    },
        {
        key = "sdk_version";
        value = 2;
    },
        {
        key = "access_token";
        value = AAACiLiBjLHABAOo3NZCSSLlRddFZCQUsky0q9sogtzHIFGpNNoeYUqtt2X2QUvxMg8AwsQqSLP3oe0cxUoLIXwVZC3xDGuBC3QOvFgELwZDZD;
    },
        {
        key = format;
        value = json;
    }
), error_code=10, error_msg=The access token was not obtained using single sign-on}

如果我们不请求 offline_access，则令牌会过期2小时之内。

If we don't request "offline_access", the token expires in 2 hours.

您的观察是什么？任何想法？来自Facebook的任何见解？

推荐答案

中标记为如果您之前未要求offline_access的部分href = https://developers.facebook.com/roadmap/offline-access-removal/ rel = nofollow>该文档说明了如何将2小时令牌换成60天令牌：（请注意这样2小时60天的值将来可能会发生变化）

The section marked 'If you were NOT previously asking for offline_access' in that document explains how to exchange that 2 hour token for a 60 day token: (note that the 2 hours and 60 days values could change in future)

https://developers.facebook.com/roadmap/offline-access-removal/#extend_token

访问

https://graph.facebook.com/oauth/access_token?             
        client_id=APP_ID&
        client_secret=APP_SECRET&
        grant_type=fb_exchange_token&
        fb_exchange_token=EXISTING_ACCESS_TOKEN 

返回的令牌将具有更长的到期时间（可能是相同的令牌（具有更长的有效期限）或新的令牌，您应同时处理这两种情况）

And the token returned will have a longer expiry (it may be the same token with a longer expiry or a new token, you should handle both cases)

这篇关于自5月1日起弃用后，offline_access将如何工作？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！