如何以编程方式登录到Facebook OAuth2 API [英] How to programmatically login to Facebook oauth2 api
问题描述
我编写了一个Node.JS脚本,该脚本通过我的facebook应用程序成功连接到Facebook Graph API.当我给它一个oauth access_token
时,我可以读取数据,我希望这个脚本每天晚上在服务器上运行以存储一些数据.我对facebook api,oauth和堆栈溢出中的类似问题都做了很多研究.我正在搜索/search/?type=event&q=query
端点
I have written a Node.JS script that successfully connects to the Facebook Graph API through my facebook app. I can read data when I give it an oauth access_token
, I want this script to run on my server every night to store some data. I have done a lot of research of both the facebook api, oauth and similar questions on stack overflow. I am searching the /search/?type=event&q=query
endpoint
但是,Facebook通过oauth2登录过程返回了60天access_token
,这要求我创建一个express
服务器,该服务器仅启动oauth2进程,允许用户登录并接收access_token
代码,我正在存储它.
However, Facebook returns a 60 day access_token
through the oauth2 login process that required me to create an express
server that simply initiates the oauth2 process, allows the user to login, and receives the access_token
code and I am storing it.
我希望脚本保存数据,以便服务器可以每天提供对更新数据的访问.我不需要记住要每60天登录一次以生成密钥.
I want the script to save data so that my server can provide access to updated data every day. I don't want to have to remember to login to generate the key once every 60 days.
是否仍然可以在不设置http
或express
服务器的情况下接收oauth2 access_token
?
更重要的是,如何获得access_token
而不必每隔60天手动运行该服务器.
Is there anyway to receive a oauth2 access_token
without setting up an http
or express
server?
More importantly, how do I get the access_token
without manually having to running that server every ~60 days.
我正在使用的模块需要access_token
和client_secret
The Module I am using requires the access_token
and client_secret
fs.readFile('./facebookAuthServer/oauth.txt', function read(err, data) {
if (err) {
throw err;
}
fbNode.setAuthorization({token: data, clientSecret: authSettings.clientSecret});
// Use the auth for next call
fbNode.fetchItems(displayItems);
});
有一些欺骗标头的方法吗?还是可以使用短暂的访问令牌并刷新它?是否要刷新60天令牌?是否有人创建了Oauth2的服务器端实现,该实现不需要第一次访问FB登录?
Is there some way to spoof headers? or could I use a short lived access token and refresh it? Anyway to refresh a 60 day token? Has anyone created a server side implementation of Oauth2 that does not require visiting the FB login more than the first time?
推荐答案
以下是使用请求.
首先,您需要启动并运行OAuth客户端服务器:
First you need an OAuth client server up and running:
var express = require('express')
var session = require('express-session')
var Grant = require('grant-express')
var grant = new Grant({
server:{host:'dummy.com:3000', protocol:'http'},
facebook:{
key:'[APP_ID]',
secret:'[APP_SECRET]',
scope:['user_about_me','user_birthday'],
callback:'/callback'
}
})
var app = express()
app.use(session({secret:'very secret'}))
app.use(grant)
app.get('/callback', function (req, res) {
res.end(JSON.stringify(req.query))
})
app.listen(3000, function () {
console.log('Oh Hi', 3000)
})
接下来,您需要一个HTTP客户端,该客户端将模拟浏览器请求:
Next you need an HTTP client that will simulate the browser request:
var request = require('request')
request.get({
uri:'http://dummy.com:3000/connect/facebook',
headers:{
'user-agent':'Mozilla/5.0 ...',
cookie:'datr=...; lu=...; p=-2; c_user=...; fr=...; xs=...; ...'
},
jar:request.jar(),
json:true
}, function (err, res, body) {
if (err) console.log(err)
console.log(body)
})
使用方式:
- 在Facebook上注册OAuth应用并设置您的站点URL (我假设
http://dummy.com:3000
) - 将
127.0.0.1 dummy.com
添加到您的主机文件中 - 从上方配置并启动服务器
- 在浏览器中导航到
dummy.com:3000
- 打开开发人员工具并导航到网络"标签,确保已选中
Preserve log
- 导航到
http://dummy.com:3000/connect/facebook
并照常进行身份验证 - 在网络"标签中查看授权请求,并将相关标头复制到HTTP客户端示例(
user-agent
和cookie
) - 运行HTTP客户端代码(这是您将不时执行的代码,服务器也应同时运行)
- Register OAuth app on Facebook and set your Site URL (I'm assuming
http://dummy.com:3000
) - Add
127.0.0.1 dummy.com
to your hosts file - Configure and start the server from above
- Navigate to
dummy.com:3000
in your browser - Open up the Developer Tools and navigate to the Network tab, make sure
Preserve log
is checked - Navigate to
http://dummy.com:3000/connect/facebook
and authenticate as usual - Take a look at the authorize request in the Network tab and copy the relevant headers to the HTTP client example (the
user-agent
and thecookie
) - Run the HTTP client code (that's the code you are going to execute from time to time, the server should be running as well)
资源:
- 介绍如何使用Grant
- 授予文档
- 请求文档-请参阅选项部分
- Introduction about how to use Grant
- Grant documentation
- Request documentation - see the options section
Resources:
我将以上代码包装到模块中 https://github.com/simov/facebook -刷新令牌
I wrapped the above code into a module https://github.com/simov/facebook-refresh-token
这篇关于如何以编程方式登录到Facebook OAuth2 API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!