如何在Spring Social中使用Facebook appAccessToken [英] How to use Facebook appAccessToken with Spring Social
问题描述
我对如何在Spring Social中使用Facebook的应用程序访问令牌感到困惑.
I'm a bit confused as to how to use Facebook's app access token with Spring Social.
我已经通过向以下用户提出GET请求获得了应用访问令牌:
I already have an app access token by making a GET request to:
我无法使用(出于我不想在此处讨论的原因)标准的Spring Social连接创建流程,并且我想使用此令牌(如果可能).
I can't use (for reasons I don't want to discuss here) the standard Spring Social connection creation flow and I want to use this token (if possible).
我的问题通常针对GraphApi.
因此,总的来说,我可以使用通过标准GET获取的应用访问令牌来通过Spring Social向Graph Api发出请求吗?
So in general can I use an app access token acquired via a standard GET to make requests to the Graph Api through Spring Social ?
谢谢
推荐答案
应用访问令牌可用于的事情很少. Graph API中的大多数操作都用于获取用户数据,因此,您必须获取用户访问令牌.您拥有的应用访问令牌将无法使用.
There are very few things that the app access token can be used for. Most of the operations in the Graph API are for fetching user data and therefore you MUST obtain a user access token. The app access token you have will not work.
如果您打算使用应用程序访问令牌来获取用户的个人资料,查看他们的朋友列表或发布到他们的时间轴(或与用户相关的任何内容)上,那么您就不走运了.想象一下,如果您代表用户进行阅读和发布所要做的就是获得应用程序访问令牌,那么将会造成的混乱!您必须获得用户对此类事物的许可.
If you're planning to use your app access token to fetch a user's profile, see their friends list, or post to their timeline (or anything that pertains to a user), then you're out of luck. Imagine the chaos that would ensue if all you had to do to read and post on behalf of a user is obtain an app access token! You must get the user's permission for that kind of thing.
有三种获取用户访问令牌的方法:授权代码授予(这是Spring Social的ConnectController的工作,最适合于传统的Web应用程序),隐式授予(它更适合于客户端Javascript),以及资源所有者凭证授予(最适合进行浏览器重定向困难,困难或不可能的移动或桌面应用程序).
There are 3 ways to get a user access token: Authorization code grant (which is what Spring Social's ConnectController does and is most appropriate for traditional web applications), implicit grant (which is more appropriate for client-side Javascript), and resource owner credentials grant (which is most appropriate for mobile or desktop applications where doing a browser redirect is awkward, difficult, or impossible).
您拥有的应用程序访问令牌仅用于使用以应用程序为中心且与任何给定用户都不相关的API端点. Facebook的API中有一些这样的操作,但是立即想到的唯一一个操作是,您可以使用应用程序令牌来创建测试用户(请参见
The app access token you have is only intended to consume API endpoints that are application-centric and do not pertain to any given user. There are a few such operations in Facebook's API, but the only one that immediately comes to mind is that you can use an app token to create test users (see https://developers.facebook.com/docs/test_users/).
就像大多数Facebook API以用户为中心一样,Spring Social的Facebook API绑定也是如此.但是,如果您希望在Spring Social中添加以应用程序为中心的操作,那么如果您希望通过
Just as most of Facebook's API is user-centric, likewise is Spring Social's Facebook API binding. If, however, there's an app-centric operation that you'd like to see added to Spring Social, I'd appreciate it if you'd let me know at https://jira.springsource.org/browse/SOCIALFB.
这篇关于如何在Spring Social中使用Facebook appAccessToken的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
