验证Facebook令牌时遇到问题 [英] Trouble validating a Facebook token

问题描述

我正在为OS X构建一个小的Facebook登录库。这不是因为那里没有SDK，而是因为我想要可可原生的东西来封装登录过程。我已成功从Facebook登录URL请求访问令牌。我使用以下字符串格式执行登录：

I'm building a small Facebook login library for OS X. This isn't because there are no SDKs out there, but because I'd like something native to Cocoa that can encapsulate the login process. I'v successfully requested an access token from the Facebook login URL. I use this string format to perform the login:

https://www.facebook.com/dialog/oauth?client_id=%@&redirect_uri=%@&response_type=token

对于 redirect_uri 字段，根据Facebook文档，我传递了 https://www.facebook.com/connect/login_success.html 。我接受该响应，然后解析该URL。我会得到令牌或失败。令牌似乎还可以。问题出在下一步。

For the redirect_uri field I pass https://www.facebook.com/connect/login_success.html as per the Facebook documentation. I take whatever that response is and parse the URL. I'll either get a token or a failure. The token seems to come back okay. The trouble is in the next step.

收到令牌后，我立即尝试对其进行验证。我使用调试端点，如下所示：

Immediately after receiving my token, I attempt to validate it. I use the "debug" endpoint, like so:

https://graph.facebook.com/debug_token?input_token=%@&access_token=%@

我将我的新令牌作为 input_token ，这就是它发粘的地方。我试图传递我的客户令牌，但这会导致以下错误：

I pass my new token as the input_token and this is where it gets sticky. I've tried passing my client token, but that causes the following error:

操作无法完成。 （无效的OAuth访问令牌。错误190。）`

The operation couldn’t be completed. (Invalid OAuth access token. error 190.)`

如果我通过了我的 app ID |应用秘密，我会收到另一个错误：

If I pass my app ID | app secret, I get a different error:

该操作无法完成。 （（＃100）您必须提供应用访问令牌或作为应用错误100的所有者或开发者的用户访问令牌。）

The operation couldn’t be completed. ((#100) You must provide an app access token or a user access token that is an owner or developer of the app error 100.)

我不确定这里正在发生什么或怎么办。谁能指出我正确的方向？

I'm not sure what's happening here, or what to do. Can anyone point me in the right direction?

推荐答案

调试 API适用于您要以应用程序 的身份而不是以用户身份进行的操作。用户登录后，您只需要他们的访问令牌即可获取有关他们的信息，阅读他们的信息并发布内容（当然，所有这些都假设您具有访问令牌，并且有权执行您要尝试的操作）。因此，在您的情况下，既然您已有访问令牌，请继续尝试使用

The debug API is for if you want to do things as the app, not as the user. Once a user has logged in, all you need is their access token to get info about them, read their info, publish things (all of course assuming you have an access token with permissions to do what you're trying to do). So in your case, now that you have an access token, go ahead and try getting info about the user using

https://graph.facebook.com/me?access_token=%@

，您会得到类似

{
   "id": "542440888",
   "name": "Max Rabin",
   "first_name": "Max",
   "last_name": "Rabin",
   "link": "https://www.facebook.com/MY_USER_NAME",
   "username": "MY_USER_NAME",
   "birthday": "11/22/YEAR",
   "hometown": {
      "id": "110970792260960",
      "name": "Los Angeles, California"
   },
   "location": {
      "id": "110970792260960",
      "name": "Los Angeles, California"
   },
   "bio": "There are 10 kinds of people in this world.\r\n01: Those who know trinary\r\n02: Those who don't\r\n10: Those who confuse it with binary",
   "gender": "male",
   "email": "MY_EMAIL",
   "timezone": 2,
   "locale": "en_US",
   "languages": [
      {
         "id": "106059522759137",
         "name": "English"
      }
   ],
   "verified": true,
   "updated_time": "2013-10-21T10:02:49+0000"
}

这篇关于验证Facebook令牌时遇到问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！