[英]Is Facebook long-lived access token usable on multiple users?
I'm experimenting with Facebook's long-live access token and I found that the long-lived access token is usable in different users. 我正在试验Facebook的长期访问令牌,发现长期访问令牌可在不同的用户中使用。 Is this normal?
这正常吗?
I'm using the Facebook PHP SDK v3.2.2 and Yii. 我正在使用Facebook PHP SDK v3.2.2和Yii。 Here's my code to generate the long-lived access token from
App_User_1
这是我的代码,用于从
App_User_1
生成长期访问令牌
Yii::import('application.vendors.facebook.Facebook');
$facebook = new Facebook(
array(
'appId' => Yii::app()->params['facebookApi'],
'secret' => Yii::app()->params['facebookSecretCode'],
'cookie' => true,
)
);
$loginUrl = $facebook->getLoginUrl(array('display' => 'touch', 'scope' => 'publish_actions'));
$fbUser = $facebook->getUser();
if(!empty($fbUser))
{
$facebook->setExtendedAccessToken(); //long-live access_token 60 days
$access_token = $facebook->getAccessToken();
exit(print_r($access_token));
}
Here's my code to test posting to App_User_1
's Facebook wall. 这是我的代码,用于测试发布到
App_User_1
的Facebook墙上的代码。
$message = "A message";
$link = "http://www.alink.com";
$picture = "http://www.alink/image.png";
$sendTo = "`**App_User_1**`";
$access_token = "xxxxxxxxxx";
Yii::import('application.vendors.facebook.Facebook');
$facebook = new Facebook(
array(
'appId' => Yii::app()->params['facebookApi'],
'secret' => Yii::app()->params['facebookSecretCode'],
'cookie' => true,
)
);
$attachment = array('message' => $message, 'link' => $link, 'picture' => $picture );
$api = "/$sendTo/feed/?access_token='.$access_token,";
$result = $facebook->api($api,'post', $attachment);
I have 2 test app user. 我有2个测试应用程序用户。 If I substitute the
App_User_1
's access token, I can also post into App_User_2
's Facebook Wall. 如果我替换
App_User_1
的访问令牌,也可以将其发布到App_User_2
的Facebook墙中。 Is this normal? 这正常吗?
I think I may have been doing this the wrong way. 我想我可能做错了这条路。 Using the PHP SDK, the
api
method does not recognize the access_token as part of its path parameter. 使用PHP SDK时,
api
方法无法将access_token识别为其路径参数的一部分。 ( eg /me/feed/?access_token=blah
) (
eg /me/feed/?access_token=blah
)
Instead, the access token should be specified under optional parameters in an array format. 而是应在可选参数下以数组格式指定访问令牌。
Here's how I got mine to work. 这就是我的工作方式。
$facebook_uid = '1234567890';
//Initialize array for the params parameter
$fb_data = array();
$fb_data['access_token'] = 'xxxxxxxxxx';
$fb_data['message'] = 'A test message';
$facebook->api('/'.$facebook_uid.'/feed/', 'post', $fb_data);
Tried swapping the access token with other app user's access token and not specifying access_token at all. 尝试将访问令牌与其他应用程序用户的访问令牌交换,并且完全不指定access_token。 Both will result in error (#200) The user hasn't authorized the application to perform this action.
两者都会导致错误(#200)用户未授权应用程序执行此操作。
I would also recommend using this tool by Facebook to verify that the access_token is generated correctly by your app. 我还建议Facebook使用此工具来验证access_token是否由您的应用正确生成。 https://developers.facebook.com/tools/debug
https://developers.facebook.com/tools/debug
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.