An active access token must be used

Time: 2012-02-27 18:41:48

Tags: facebook sdk token

I am trying to get the Facebook user (the current user) using this code:

$app_id = "xxx";
$app_secret = "yyy";

//** Get user information
//Create our application instance.
$facebook = new Facebook(array(
    'appId' => $app_id,
    'secret' => $app_secret,
));
// Get User ID
$user = $facebook->getUser();

// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.

if ($user) {
    try {
        // Proceed knowing you have a logged in user who's authenticated.

        $user_profile = $facebook->api('/me');....

        // The $user_profile = $facebook->api('/me'); line throws an exception:

        'message' => string 'An active access token must be used to query information about the current user.' (length=80)
        'type' => string 'OAuthException' (length=14)
        'code' => int 2500

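Why?

1 answer:

Answer 0 (score: 3)

It looks like you are not going through the OAuth 2.0 authentication/authorization process as described under Authentication.

There are some examples there that show how to do this. I am also using the PHP SDK, but I chose to authenticate on the client side through JavaScript, which was easier for me. However, both approaches are explained in the documentation.

Update: The code I use is a combination of PHP and JavaScript, and it works well for me. The only thing that is not handled correctly here (AFAIK) is when the user reaches the application while not logged in to Facebook, that is, he reaches the application directly through the URL rather than through Facebook. In that case a blank page is shown instead of a notice, a login button and so on.

Anyway, this is my index.php, where I pass variables from config.inc.php (such as the success page (the application's main page) and the failure page (the user did not grant permissions)) to JavaScript: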

        <?php
            require 'include/config.inc.php';

            //Check whether Facebook OAuth mechanism called back to this script with access_token or error
            if (isset($_GET['expires_in']) && $_GET['expires_in']>0)
            {
                header('Location: '.$appname_canvasPage.$appname_successPage);
                exit;
            }
            else if (isset($_GET['error']))
            {
                //echo 'querystr: '.$_SERVER['QUERY_STRING'];
                header('Location: '.$appname_canvasPage.$appname_failurePage);
                exit;
            }
            else
            {
                require 'include/header_metadata.inc.html';
        ?>
    </head>

    <body>
        <div id="fb-root"></div>
        <script>
            var appname_canvasURI = '<?php echo $appname_canvasURI; ?>';
            var appname_canvasPage = '<?php echo $appname_canvasPage; ?>';
            var appname_successPage = '<?php echo $appname_successPage; ?>';
            var appname_failurePage = '<?php echo $appname_failurePage; ?>';
            var appname_fbPerms = '<?php echo $appname_fbPerms; ?>';
            var appname_appid= '<?php echo $appname_appid; ?>';

            window.fbAsyncInit = function()
            {
                FB.init({
                  appId      : appname_appid, // App ID
                  channelUrl : appname_canvasPage+'/channel.html', // Channel File
                  status     : true, // check login status
                  cookie     : true, // enable cookies to allow the server to access the session
                  oauth      : true, // enable OAuth 2.0
                  xfbml      : true  // parse XFBML
                });

                // Additional initialization code here
                FB.getLoginStatus(function(response)
                {
                    //console.log('getLoginStatus response: ',response);
                    if (response.authResponse)
                    {
                        //user is already logged in and connected
                        facebookCheckPerms(); // ensure all required perms are available and if not request them
                    }
                    else
                    {
                        //app is not authorized or user is logged out
                        facebookOAuthRedirect();
                    }
                });
            };

            // Load the SDK Asynchronously
            (function()
            {
                var e = document.createElement('script');
                e.type = 'text/javascript';
                e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
                //e.src = "http://static.ak.fbcdn.net/connect/en_US/core.debug.js";
                e.async = true;
                document.getElementById('fb-root').appendChild(e);
            }());

            function facebookCheckPerms()
            {
                var hasReqPerms=true;
                FB.api(
                {
                    method: 'fql.query',
                    query: 'SELECT '+appname_fbPerms+' FROM permissions WHERE uid=me()'
                },
                function(response)
                {
                    for(var key in response[0])
                    {
                        if(response[0][key]==0)
                        {
                            hasReqPerms=false;
                        }
                    }
                    if (hasReqPerms==false)
                    {
                        // user does not have required permissions, do OAuth  2.0 redirect to get permissions
                        facebookOAuthRedirect();
                    }
                    else
                    {
                        // user has required permissions, start the app.
                        //console.log('checkperms: user has required permissions, start the app');
                        top.location.href = appname_canvasPage+appname_successPage;
                    }
                });
            }

            function facebookOAuthRedirect()
            {
                var redirectURL = 'https://www.facebook.com/dialog/oauth/?client_id='+appname_appid+'&scope='+appname_fbPerms+'&redirect_uri='+encodeURIComponent(appname_canvasURI)+'&response_type=token';
                //console.log('redirectURL: '+redirectURL);
                top.location.href = redirectURL;
            }

        </script>
        <?php
            }
        ?>
    </body>
</html>
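
An added example, not part of the original answer: the redirect that `facebookOAuthRedirect()` builds, with every parameter percent-encoded and a random `state` value that is checked when the dialog redirects back, so a response the page did not request is rejected. The function names, the example.com URLs and the token value are constructed for illustration; with `response_type=token` the result arrives in the URL fragment, so the parser reads the fragment as well as the query string.

```javascript
// Added example; newState, buildOAuthUrl and parseOAuthCallback are hypothetical names.

// Hex-encode random bytes for the OAuth `state` value. In the browser the
// default source is the Web Crypto API; keep the result in sessionStorage
// until the dialog redirects back.
function newState(bytes) {
  bytes = bytes || globalThis.crypto.getRandomValues(new Uint8Array(16));
  return Array.from(bytes, b => b.toString(16).padStart(2, '0')).join('');
}

// Build the dialog URL; URLSearchParams percent-encodes scope and redirect_uri.
function buildOAuthUrl(appId, scope, redirectUri, state) {
  const params = new URLSearchParams({
    client_id: appId,
    scope: scope,
    redirect_uri: redirectUri,
    response_type: 'token',
    state: state
  });
  return 'https://www.facebook.com/dialog/oauth/?' + params.toString();
}

// Interpret the URL the dialog redirected back to. Token data is expected in
// the fragment, an error in the query string; both are read.
function parseOAuthCallback(callbackUrl, expectedState) {
  const url = new URL(callbackUrl);
  const frag = new URLSearchParams(url.hash.replace(/^#/, ''));
  const get = key => frag.get(key) || url.searchParams.get(key);

  // Reject any response that does not carry the state this page generated.
  if (!expectedState || get('state') !== expectedState) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (get('error')) {
    return { ok: false, reason: get('error') };
  }
  const accessToken = get('access_token');
  const expiresIn = Number(get('expires_in'));
  if (!accessToken || !(expiresIn > 0)) {
    return { ok: false, reason: 'no_token' };
  }
  return { ok: true, accessToken: accessToken, expiresIn: expiresIn };
}
```

On success the caller should clear the fragment (for example with `history.replaceState`) so the token does not stay in the address bar or browser history.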