Extending valid/expired 60 days access token witho

2020-07-26 14:06发布

I use access token in my joomla module to get page/group wall feed posts to show in user website page.user generated access token by my facebook application from my site before using the module in their joomla site.

What i want - "I want to extend the expire date of an existing non-expired/expired 60 days token without user interaction".

What i got from web that calling this url token can be extended -

https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN

some test i did to extend token and got these results :(

1.I created short lived access token in client side and extended it to 60 days by the above url 
2.I call above url again by passing that 60 days token as "fb_exchange_token" value to extend token again.I got different 60 days token but issue and expire date is same as before, not extended!!
3.I again repeated test 1 and got a token which also have same issue and expire date! as I wanted to have the expire date extended as my test 2 is failed.

So how do i achieve what i want?? i have the plan that i would extend the 60 days token on 58th day or after it expired.

2条回答
霸刀☆藐视天下
2楼-- · 2020-07-26 14:44

https://developers.facebook.com/docs/roadmap/completed-changes/offline-access-removal

The offline_access Permission that you could use to extend an already extended 60 day permission once a day has been removed by facebook.

Now, you're using the right URL, but the terms are these:

Client-side OAuth and Extending Access_Token Expiration Time through New Endpoint

Using the new endpoint, you will be able to extend the expiration time of an existing, non-expired, short-lived user access_token. Please note, the endpoint can only be used to extend the short-lived user access_tokens. If you pass an access_token that had a long-lived expiration time, the endpoint will simply pass that same access_token back to you without altering or extending the expiration time.

To get the long-lived user access_token simply pass your own client_id (your app_id), your app_secret, and the non-expired, short-lived access_token to the endpoint below. You will be returned a new long-lived user access_token; this access_token will exist in addition to the short-lived access_token that was passed into the endpoint. If you would like to refresh a still valid long-lived access_token, you will have to get a new short-lived user access_token first and then call the same endpoint. The returned access_token will have a fresh long-lived expiration time, however, the access_token itself may or may not be the same as the previously granted long-lived access_token.

https://graph.facebook.com/oauth/access_token?             
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN

I was going to paste the explanation on how to "Generating Long-Lived User Tokens from Server-Side Long-Lived Tokens" that you can read: http://developers.facebook.com/docs/facebook-login/access-tokens#long-via-code

But it seems like this issue has already been discussed: Facebook PHP SDK 4.0 : Getting Long Term Access Token

查看更多
三岁会撩人
3楼-- · 2020-07-26 14:45

The whole point of the 60 day expiry is so that users re-visit your application at the end of the expiration and you drive them back through the login process.

  • Get short lived token
  • Re-extend

Extending a 60 day without user interaction defeats the entire process. If your user hasn't interacted with your app in 60 days, the application permission should expire.

查看更多
登录 后发表回答