I'm trying to access scores through the Facebook API to get a list of scores of my friends. When I try to access /[facebook id]/scores
, I get the following error even with my app access token:
FacebookApiException [ 0 ]: A user access token is required to request this resource. ~ APPPATH/classes/basefacebook.php [ 1039 ]
How do I get a user access token?
Updated: After reading http://developers.facebook.com/docs/reference/api/permissions/, I've confirmed that the app access token and user access token are two different access tokens. The question still remains, how do I get a user access token?
I see that you are using the php-sdk. So you need your friend to access your app with a script something like the example:
<?php
/**
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
require '../src/facebook.php';
// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
'appId' => '191149314281714',
'secret' => '73b67bf1c825fa47efae70a46c18906b',
));
// Get User ID
$user = $facebook->getUser();
// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Login or logout url will be needed depending on current user state.
if ($user) {
$logoutUrl = $facebook->getLogoutUrl();
} else {
$loginUrl = $facebook->getLoginUrl(array('scope'=>'offline_access'));
}
// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');
?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
<head>
<title>php-sdk</title>
<style>
body {
font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
}
h1 a {
text-decoration: none;
color: #3b5998;
}
h1 a:hover {
text-decoration: underline;
}
</style>
</head>
<body>
<h1>php-sdk</h1>
<?php if ($user): ?>
<a href="<?php echo $logoutUrl; ?>">Logout</a>
<?php else: ?>
<div>
Login using OAuth 2.0 handled by the PHP SDK:
<a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
</div>
<?php endif ?>
<h3>PHP Session</h3>
<pre><?php print_r($_SESSION); ?></pre>
<?php if ($user): ?>
<h3>You</h3>
<img src="https://graph.facebook.com/<?php echo $user; ?>/picture">
<h3>Your User Object (/me)</h3>
<pre><?php print_r($user_profile); ?></pre>
<?php else: ?>
<strong><em>You are not Connected.</em></strong>
<?php endif ?>
<h3>Public profile of Naitik</h3>
<img src="https://graph.facebook.com/naitik/picture">
<?php echo $naitik['name']; ?>
</body>
</html>
Then you need to:
- Grant the
offline_access
permission
- Store the returned
access_token
- Use that token whenever you query your friend's scores
$facebook->api('friend_id/scores?access_token=$stored_access_token');
Please refer to the documentations showing the authentication flows for Facebook.
http://developers.facebook.com/docs/authentication/
This is the best place to start to understand how it works.
- You get the user's permission and access_token
- You can use this access_token as a "key" to get and post Facebook information
The access_token is not to be mistaken for your application secret code, which is used to authorised to make a connection on behalf of your registered application.
In Flex you can use:
FacebookDesktop.getSession().accessToken;
I call this function:
FB.getLoginStatus(onFacebookInitialLoginStatus);
Which calls the function below and gets the accesss_token from the response.
function onFacebookInitialLoginStatus(response) {
if (response.status == "connected" && response.session) {
var access_token = response.session.access_token;
var url = 'https://graph.facebook.com/me/likes?access_token=' + access_token;
}
else {
facebookLogin();
}
}
Suscribe to this event:
FB.Event.subscribe('auth.authResponseChange', function(response) {
then check response.status