在 5 月 1 日后弃用后，offline_access 将如何工作? [英] How would offline_access work after deprecation after May 1st?

问题描述

我做了一些测试，发现结果与 Facebook 的文档相矛盾.https://developers.facebook.com/roadmap/offline-access-removal/

I did some test, the result I found contradicts Facebook's documentation. https://developers.facebook.com/roadmap/offline-access-removal/

如果我们启用弃用离线访问:"并请求离线访问，在移动客户端，我们会自动获得一个有效期为 60 天的令牌，而无需升级 SDK.Facebook 似乎让客户更容易，不需要升级.这是脸书上所说的.将不再要求迁移到此功能的应用程序进行离线访问.如果用户有一段时间未使用该应用程序，它们将获得长期访问令牌，该令牌将过期." 没有记录一段时间"多长时间.

If we enable the "Deprecate offline access:" and ask for offline_access, at mobile client, we automatically get a token valid for 60 days, without upgrading the SDK. It seems Facebook made it easier for clients, no upgrade is needed. This is what is said on Facebook. "Apps migrating to this feature will no longer be asked for offline_access. They will be issued long lived access tokens which will expire if the user has not used the app in a while. " How long is the "a while" is not documented.

如果我升级 SDK，extendToken 方法不会被触发，因为令牌有效期为 60 天.如果我们强制扩展令牌，我们会从 Facebook 收到以下错误，我不知道这是什么意思.

If I upgrade the SDK, extendingToken method is not triggered, because the token is valid for 60 days. If we force to extend the token, we got the following error from Facebook, which I have no clue what it means.

Error Domain=facebookErrDomain Code=10 "The operation couldn’t be completed. (facebookErrDomain error 10.)" UserInfo=0x1404bb70 {request_args=(
        {
        key = method;
        value = "auth.extendSSOAccessToken";
    },
        {
        key = sdk;
        value = ios;
    },
        {
        key = "sdk_version";
        value = 2;
    },
        {
        key = "access_token";
        value = AAACiLiBjLHABAOo3NZCSSLlRddFZCQUsky0q9sogtzHIFGpNNoeYUqtt2X2QUvxMg8AwsQqSLP3oe0cxUoLIXwVZC3xDGuBC3QOvFgELwZDZD;
    },
        {
        key = format;
        value = json;
    }
), error_code=10, error_msg=The access token was not obtained using single sign-on}

如果我们不请求offline_access"，令牌将在 2 小时后过期.

If we don't request "offline_access", the token expires in 2 hours.

您的观察结果是什么?任何想法?来自 Facebook 的任何见解?

推荐答案

该文档解释了如何将 2 小时令牌交换为 60 天令牌:(请注意，2 小时和 60 天的值将来可能会发生变化)

The section marked 'If you were NOT previously asking for offline_access' in that document explains how to exchange that 2 hour token for a 60 day token: (note that the 2 hours and 60 days values could change in future)

https://developers.facebook.com/roadmap/offline-access-removal/#extend_token

只需访问

https://graph.facebook.com/oauth/access_token?             
        client_id=APP_ID&
        client_secret=APP_SECRET&
        grant_type=fb_exchange_token&
        fb_exchange_token=EXISTING_ACCESS_TOKEN 

而且返回的token会有更长的有效期(可能是同一个token过期时间更长，也可能是新token，两种情况你都应该处理)

And the token returned will have a longer expiry (it may be the same token with a longer expiry or a new token, you should handle both cases)

这篇关于在 5 月 1 日后弃用后，offline_access 将如何工作?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！