Facebook API - 在會話中保存OAuth訪問令牌

Question

我試圖找到一種方法，一旦使用OAuth授權但存在問題，就會與Facebook API保持連接。我不希望我的應用程序的用戶每次想要使用我的應用程序時都必須通過Facebook登錄。

我將oauth訪問toekn存儲在數據庫中，用戶通過facebook進行身份驗證後，我有"offline_access"權限設置，因此從理論上講，這應該是可能的。

但是，當使用存儲在數據庫中的保存的Oauth令牌嘗試連接到Facebook API時，我得到了"Uncaught OAuthException: An active access token must be used to query information about the current user."。

header("p3p: CP=\"ALL DSP COR PSAa PSDa OUR NOR ONL UNI COM NAV\""); // hack to stop facebook wierd cookie problems 

//instantiate the Facebook library with the APP ID and APP SECRET 
$facebook = new Facebook(array(
    'appId' => 'appid', 
    'secret' => 'secretid', 
    'cookie' => true 
)); 

//Get the FB UID of the currently logged in user 
$user = $facebook->getUser(); 

//if the user has already allowed the application, you'll be able to get his/her FB UID 
if($user) { 
    //get the user's access token 
    $access_token = $facebook->getAccessToken(); 
} else { 
    //see if authorisation already set up in DB 
    $query = mysql_query("SELECT oauth_token FROM PingSocialMediaUsers WHERE oauth_provider = 'facebook' AND clientID = '$clientID'"); 
    $result = mysql_fetch_row($query); 
    $access_token = $result[0]; 
} 

if($access_token) { 

    //check permissions list 
    $permissions_list = $facebook->api(
     '/me/permissions', 
     'GET', 
     array(
      'access_token' => $access_token 
     ) 
    ); 

    //check if the permissions we need have been allowed by the user 
    //if not then redirect them again to facebook's permissions page 
    $permissions_needed = array('publish_stream', 'read_stream', 'offline_access'); 
    foreach($permissions_needed as $perm) { 
     if(!isset($permissions_list['data'][0][$perm]) || $permissions_list['data'][0][$perm] != 1) { 
      $login_url_params = array(
       'scope' => 'publish_stream,read_stream,offline_access', 
       'fbconnect' => 1, 
       'display' => "page", 
       'next' => 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'] 
      ); 
      $login_url = $facebook->getLoginUrl($login_url_params); 
      header("Location: {$login_url}"); 
      exit(); 
     } 
    } 

    //if the user has allowed all the permissions we need, 
    //get the information about the pages that he or she managers 
    $accounts = $facebook->api(
     '/me', 
     'GET', 
     array(
      'access_token' => $access_token 
     ) 
    ); 

    //add to details database 
    //find the user by ID 
    if ($user != ''){ 
     $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE oauth_provider = 'facebook' AND oauth_uid = '$user'"); 
     $result = mysql_fetch_array($query); 

     // If does not exist add to database 
     if(empty($result)){ 
      $query = mysql_query("INSERT INTO PingSocialMediaUsers (oauth_provider, clientID, oauth_uid, username, oauth_token, oauth_secret) VALUES ('facebook', $clientID, $user, '{$accounts['name']}', '$access_token', '')"); 
      $query = mysql_query("SELECT * FROM PingSocialMediaUsers WHERE id = " . mysql_insert_id()); 
      $result = mysql_fetch_array($query); 
     } else { 
      //update the tokens 
      $query = mysql_query("UPDATE PingSocialMediaUsers SET oauth_token = '$access_token', oauth_secret = '' WHERE oauth_provider = 'facebook' AND oauth_uid = '$user'"); 
     } 


    //save the information inside the session 
    $_SESSION['_token'] = $access_token; 
    $_SESSION['accounts'] = $accounts['data']; 
    } 
    $facebookAuth = TRUE; 

Answer 1

Facebook的過程，當其通過應用程序的訪問令牌和默認爲按照Facebook是2小時一個expires場。

還有其他的因素，爲什麼其中的access_token可以過期，這裏爲大家介紹

Ankur Pansari How-To: Handle expired access tokens

的完整細節現在，未來，我們可以談論offline_access這意味着

It Enables your app to perform authorized requests 
on behalf of the user at any time. By default, 
most access tokens expire after a short time period to ensure applications 
only make requests on behalf of the user when the are actively 
using the application. This permission makes the 
access token returned by our OAuth endpoint long-lived. 

因此，一切都意味着您必須確保您始終使用有效的access_token。有關各種許可的詳細信息，請參閱參考鏈接

Facebook Permissions