转换Facebook会话密钥以访问令牌 [英] Converting Facebook session keys to access tokens

问题描述

我有一个网络应用程序，允许用户连接Facebook帐户与我的网站上的帐户。当用户决定与Facebook连接时，该应用请求 publish_stream 和 offline_access 权限，然后存储Facebook uid 和 session_key 为每个用户。所有这一切现在很好。

我的问题是迁移到Facebook的新OAuth 2.0系统。我想将会话密钥转换成访问令牌。我遵循这些说明，一切似乎都能正常运行; Facebook返回了一堆访问令牌。但是，他们都没有工作。当我尝试去一个URL，如 https://graph.facebook.com/我？access_token = TOKEN-HERE ，我收到一条错误，表示验证客户端错误。

我做错了什么？

另外，我的印象是访问令牌的工作就像会话密钥一样，一旦我有一个，我可以永远使用它（因为我请求 offline_access 权限）。这是正确的吗？

更新：

以下是将会话密钥转换为访问令牌，以及我得到的输出。

步骤1：将会话密钥转换为访问令牌

代码：

  $ session_key ='87ebbedf29cc2000a28603e8-100000652996522'; 
 $ app = sfConfig :: get（'app_facebook_prod_api'）; //我碰巧使用Symfony。这得到一个数组与我的Facebook应用程序ID和秘密。 
 $ post = array（
'type'=>'client_cred'，
'client_id'=> $ app ['app_id']，
'client_secret'=> ; $ app ['secret']，
'sessions'=> $ session_key 
）; 
 
 $ options = array（
 CURLOPT_POST => 1，
 CURLOPT_HEADER => 0，
 CURLOPT_URL =>'https：//graph.facebook。 com / oauth / exchange_sessions'，
 CURLOPT_FRESH_CONNECT => 1，
 CURLOPT_RETURNTRANSFER => 1，
 CURLOPT_POSTFIELDS => http_build_query（$ post）
）; 
 
 $ ch = curl_init（）; 
 curl_setopt_array（$ ch，$ options）; 
 $ result = curl_exec（$ ch）; 
 curl_close（$ ch）; 
 var_export（json_decode（$ result））; 
  

输出：

'access_token'=>'251128963105 | 87ebbedf29cc2000a28603e8-100000652996522 |步骤2：对于第一步，第二步：第二步：第二步：第二步：测试访问令牌 
 
 
代码：
  $ access_token ='251128963105 | 87ebbedf29cc2000a28603e8-100000652996522 | Dy8CcJzEX8lYRrJE9Xk1EoW-BW0' 
 $ options = array（
 CURLOPT_HEADER => 0，
 CURLOPT_URL =>'https://graph.facebook.com/me?access_token='。$ access_token，
 CURLOPT_FRESH_CONNECT => 1，
 CURLOPT_RETURNTRANSFER => 1，
）; 
 
 $ ch = curl_init（）; 
 curl_setopt_array（$ ch，$ options）; 
 $ result = curl_exec（$ ch）; 
 curl_close（$ ch）; 
 var_export（json_decode（$ result））; 
  
输出：
  stdClass :: __ set_state（array（
'error'=> 
 stdClass :: __ set_state（array（
'type'=> '
））
   
'message'=>'验证客户端错误'，
） p> 
 
解决方案
从阅读你的帖子是我的理解 -  
 
 
 
你正在转会话密钥进入系统中每个用户的访问密钥，并存储这些密钥。 
 
 
 
然后使用您自己的页面测试密钥。 （Graph.facebook.com/me etc ...）
 
 
 
如果是这种情况
 
 
 
 A）您不能用自己的密钥使用其他用户密钥。转到graph.facebook.com只对该用户所属的用户有效，如果他们已经登录，那么例如，如果你有我的访问密钥，你可以访问 http：//graph.facebook.com/YOURID ... 。）但是对于graph.facebook.com/me来说，你会有以我的身份登录。 B / B 
 $ b 
 B）这些密钥每3小时到期（或有约），因此可能不再有效。 
 
I have a web app that allows users to connect Facebook account with their account on my site. When the user decides to connect with Facebook, the app requests publish_stream and offline_access permissions, and then stores the Facebook uid and session_key for each user. All this works fine right now.

My problem is migrating to Facebook's new OAuth 2.0 system. I'd like to transform the session keys I have into access tokens. I followed these instructions and everything seemed to work fine; Facebook returned a bunch of access tokens. However, none of them work. When I try to go to a URL such as https://graph.facebook.com/me?access_token=TOKEN-HERE, I get an error that says "Error validating client".

What am I doing wrong?

Also, I'm under the impression that access tokens work just like session keys in that once I have one, I can use it forever (since I request offline_access permissions). Is that correct?

Update:

Below are the exact steps I took to convert a session key into an access token, along with the output I got. Hopefully that will help bring my problem to light.

Step 1: Convert Session Key to Access Token

Code:
$session_key = '87ebbedf29cc2000a28603e8-100000652996522';
$app = sfConfig::get('app_facebook_prod_api'); // I happen to use Symfony. This gets an array with my Facebook app ID and secret.
$post = array(
  'type' => 'client_cred',
  'client_id' => $app['app_id'],
  'client_secret' => $app['secret'],
  'sessions' => $session_key
);

$options = array(
  CURLOPT_POST => 1,
  CURLOPT_HEADER => 0,
  CURLOPT_URL => 'https://graph.facebook.com/oauth/exchange_sessions',
  CURLOPT_FRESH_CONNECT => 1,
  CURLOPT_RETURNTRANSFER => 1,
  CURLOPT_POSTFIELDS => http_build_query($post)
);

$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
var_export(json_decode($result));
Output:
array (
  0 => 
  stdClass::__set_state(array(
     'access_token' => '251128963105|87ebbedf29cc2000a28603e8-100000652996522|Dy8CcJzEX8lYRrJE9Xk1EoW-BW0.',
  )),
)


Step 2: Test Access Token

Code:
$access_token = '251128963105|87ebbedf29cc2000a28603e8-100000652996522|Dy8CcJzEX8lYRrJE9Xk1EoW-BW0.';
$options = array(
  CURLOPT_HEADER => 0,
  CURLOPT_URL => 'https://graph.facebook.com/me?access_token=' . $access_token,
  CURLOPT_FRESH_CONNECT => 1,
  CURLOPT_RETURNTRANSFER => 1,
);

$ch = curl_init();
curl_setopt_array($ch, $options);
$result = curl_exec($ch);
curl_close($ch);
var_export(json_decode($result));
Output:
stdClass::__set_state(array(
   'error' => 
  stdClass::__set_state(array(
     'type' => 'OAuthException',
     'message' => 'Error validating client.',
  )),
))

解决方案
From reading your post here is my understanding - 

You are tranforming session keys into access keys for each user in your system and storing these keys. 

You then test the key using your own page. (Graph.facebook.com/me etc...) 

If this is the case

A) You cannot use another users key with your own key. Going to graph.facebook.com would only be valid for the user that the key belongs to and if they were logged in. So for example, if you have my access key you could visit http://graph.facebook.com/YOURID....) but for graph.facebook.com/me to work you would have to be logged in as me. 

B) These keys expire every 3 hours (Or there abouts) so it may no longer be valid. 

                        
这篇关于转换Facebook会话密钥以访问令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！