如何使用PHP更新/扩展Facebook访问令牌？ [英] How to renew/extend facebook access tokens with PHP?

问题描述

Facebook已经删除了offline_access令牌功能，当用户访问您的网站以保持活动时，现在必须更新令牌。

Facebook has removed the offline_access token functionality, now tokens have to be renewed whenever the user visits your website to keep them active.

说有人已经给你的网站访问权限，并为您存储一个令牌。您将使用什么代码与Facebook的PHP库来更新该令牌？

Say someone has already given your website access and you have a token stored for them. What code would you use with Facebook's PHP library to renew that token?

推荐答案

您可以按照以下方式扩展您的令牌：

You can extend your token the following way:

方案

• 您的应用请求用户权限


• 提示用户登录/授予权限


• 您可以通过CURL或其他方式获得用户令牌（短命的），并使用grant_type = fb_exchange_token


• 您持续令牌

• Your app requests permissions from the user
• You prompt user to log in / grant permissions
• You get user's token (short-lived one) and exchange via CURL or other means for a 60 day one using grant_type=fb_exchange_token
• You persist the token

现在，您拥有该令牌可以在60天内完成所需的任务。最后，由于用户可以更改密码，取消授权应用等，令牌将无效。扩展令牌可以做的是每个用户到达您的页面，您可以检查他们是否通过javascript登录，如果是，请对您的服务器进行ajax调用，将现有令牌从60天延长今天。您可以根据需要拨打尽可能多的电话，只有第一个有效。以下是我的工作方式：

Now you have that token to do what you wish with it for up to 60 days. Up to, because user can change password, de-authorize app, etc and token would become invalid. What you can do to extend the token is EVERY TIME user comes to your page(s), you can check if they are logged in via javascript and if they are, make an ajax call to your server to extend existing token for 60 days from today. You can make as many calls as you want, only the first one is valid. Here's how I do it:

1. 在载入事件中的某个地方，您可以添加以下内容：

1. On your page somewhere during load event, add something like:

 FB.getLoginStatus(function (response) {
     if (response.status === 'connected') {
        $.ajax({
            type: "POST",
            async: false,
            url: YOUR_URL,
            dataType: "text",
            data: {token  : response.authResponse.accessToken }
         });
     }
 });
         //rest of jquery ajax call here

这将为用户获取一个新的客户端访问令牌并将其发送到服务器

That will get a new client-side access token for the user and send it to the server

1. 服务器可以拿这个令牌并交换一个60天的一个

1. Server can then take that token and exchange it for a 60 day one

$token_url = "https://graph.facebook.com/oauth/access_token?client_id=".FACEBOOK_CLIENT_ID."&client_secret=".FACEBOOK_SECRET."&grant_type=fb_exchange_token&fb_exchange_token=".$token;

$c = curl_init();
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($c, CURLOPT_URL, $token_url);
$contents = curl_exec($c);
$err  = curl_getinfo($c,CURLINFO_HTTP_CODE);
curl_close($c);

$paramsfb = null;
parse_str($contents, $paramsfb);        

参考：

https://developers.facebook.com/roadmap/离线访问删除/

如果用户在60天内返回到您的网站，则只会扩展令牌。如果没有，您将需要再次提示权限。

That would only extend the token if the user comes back to your site within 60 days. If not, you will need to prompt for permissions again.

这篇关于如何使用PHP更新/扩展Facebook访问令牌？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！