How to Obtain Long-Lived Facebook Access Tokens After Offline

How to Obtain Long-Lived Facebook Access Tokens After Offline_access Deprecation?

Linda Hamilton

Release： 2024-11-29 07:02:14

Original

488 people have browsed it

How to Obtain Long-Lived Facebook Access Tokens After Offline_access Deprecation?

How to Extend Access Token Validity Despite Offline_access Deprecation

Issue:

Facebook's deprecation of the offline_access permission has hindered our ability to acquire long-lived access tokens. Despite documentation indicating that server-side OAuth tokens would remain long-lived, this is not the case.

Answer:

Edit (August 14th, 2012):

The official Facebook PHP SDK has been updated, introducing the revised setExtendedAccessToken function. To mitigate potential session duplication concerns, it necessitates terminating the current session upon function execution. Furthermore, it stores the new access token internally, allowing retrieval via the public getAccessToken function. Acquire the latest SDK from the Facebook PHP SDK GitHub page.

Original Answer:

A novel public function has been added to base_facebook.php that grants access to a 60-day renewable access token. Implementing this function post-normal access token reception may suffice. Additionally, enabling "deprecate offline_access" in the Developer App's Advanced settings is believed to be necessary.

Insert the following code into your base_facebook.php within the facebook class and invoke the function:

public function getExtendedAccessToken(){

    try {
        // need to circumvent json_decode by calling _oauthRequest
          // directly, since response isn't JSON format.
        $access_token_response =
            $this->_oauthRequest(
                $this->getUrl('graph', '/oauth/access_token'), array(
                    'client_id' => $this->getAppId(),
                    'client_secret' => $this->getAppSecret(),
                    'grant_type'=>'fb_exchange_token',
                    'fb_exchange_token'=>$this->getAccessToken()
                )
            );
    } catch (FacebookApiException $e) {
      // most likely that user very recently revoked authorization.
      // In any event, we don't have an access token, so say so.
      return false;
    }

    if (empty($access_token_response)) {
      return false;
    }

    $response_params = array();
    parse_str($access_token_response, $response_params);
    if (!isset($response_params['access_token'])) {
      return false;
    }

    return $response_params['access_token'];
}

Copy after login

The above is the detailed content of How to Obtain Long-Lived Facebook Access Tokens After Offline_access Deprecation?. For more information, please follow other related articles on the PHP Chinese website!