Facebook Oauth 访问令牌在使用 Graph API Explorer 时不同 [英] Facebook Oauth Access Token Different when using Graph API Explorer
问题描述
(免责声明:这篇文章中的 access_tokens 和 appIds 是假的,只是为了看起来真实)
(Disclaimer: The access_tokens and appIds in this post are fake and are just intended to look real)
我正在尝试使用对以下内容的调用来生成 access_token:
I'm trying to generate an access_token using the call to the following:
这给了我一个这种格式的 access_token:
That gives me an access_token in this format:
access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
如果我尝试访问受该令牌保护的粉丝页面,我会得到错误回复:/graph.facebook.com/109813019043531?access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
If I try to access a fan page that's protected with that token like this I get false back: http://graph.facebook.com/109813019043531?access_token=123456789000000|TR528Smvi4AXMM21Zhmi5XmJwmk
现在,如果我使用 Graph API Explorer 并选择与我在上面使用的应用程序相同的应用程序来生成访问令牌,我会得到一个如下所示的访问令牌:
Now, if I use the Graph API Explorer and select the same App as the one I'm using above to generate the access token I get an access token that looks like this:
ABBDSqE43jFSSbrS7ujvyLZClfyKDCZBhAuLXTtr9nwelj4MFwlijzejljEoNItC3lijzm3shemzq3jDFCdAZD
ABBDSqE43jFSSbrS7ujvyLZClfyKDCZBhAuLXTtr9nwelj4MFwlijzejljEoNItC3lijzm3shemzq3jDFCdAZD
如果我使用该访问令牌访问 URL (http://graph.facebook.com/109813019043531),它会按预期工作.
If I use that access token to access the URL (http://graph.facebook.com/109813019043531) it works as expected.
我的问题是,两者之间有什么区别,我如何以编程方式生成一个像第二个令牌一样工作的令牌?
My question is, what is the difference between the two and how can I programmatically generate one that works like the second token?
推荐答案
您显示的第一个是 APP 访问令牌.Graph API Explorer 中的第二个是用户访问令牌.第三种类型称为 PAGE 访问令牌.每个人都做不同的事情.
The first one you show is an APP access token. The second one from Graph API Explorer is a USER access token. There is a third type called PAGE access token. Each do something different.
APP 访问令牌 用于获取您的应用有权访问的信息.在某些情况下,publish_stream 是由应用用户授予的,您可以使用它发布到该用户的墙上,而无需 USER 访问令牌.
APP access tokens are used to get information that your app is privileged to access. And in some cases where publish_stream is granted from an app user, you can use it to post to that user's wall, without needing a USER access token.
用户访问令牌授予您的应用,它们与特定应用用户授予您应用的权限相关,以便您的应用可以代表他们进行操作.
USER access tokens are given to your app and they relate to the permissions a specific app user has granted to your application so you app can act on their behalf.
PAGE 访问令牌 授予页面管理员,以便他们可以代表页面进行操作.要将用户访问令牌转换为页面访问令牌,请使用用户访问令牌调用 /me/accounts 以获取他们管理的页面列表以及每个页面访问令牌.
PAGE access tokens are given to page admins so they can act on behalf of the page. To go from a user access token to a page access token, call /me/accounts using the user access token to get a list of pages they admin along with each pages access tokens.
如果您有访问令牌并且想了解有关它的更多信息,请在 https://developers.facebook.com/tools/lint
If you have an access token and you want to know more information about it, lint it at https://developers.facebook.com/tools/lint
有关访问令牌的更多信息,请参阅:https://developers.facebook.com/docs/authentication
For more information on access tokens see: https://developers.facebook.com/docs/authentication
这篇关于Facebook Oauth 访问令牌在使用 Graph API Explorer 时不同的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
