Facebook PHP SDK v5访问令牌/工作流程
[英]Facebook PHP SDK v5 access tokens/workflow
问题描述
I am attempting to build what is essentially a diary using Facebook Login to enable users to log into the site. 
我正在尝试使用Facebook Login构建本质上是日记的日记,以使用户能够登录该网站。 Users can log in with the JavaScript SDK (as suggested in the docs) and then I need to get the user details on the server side so I can store diary entries for the users in a database (using the Facebook user ID to identify the user). 用户可以使用JavaScript SDK登录(如文档中所建议),然后我需要在服务器端获取用户详细信息,以便将用户的日记条目存储在数据库中(使用Facebook用户ID来识别用户) )。 I am attempting to use getJavaScriptHelper() to do this in the PHP SDK v5. 我正在尝试使用getJavaScriptHelper()在PHP SDK v5中执行此操作。
I'm getting a little confused with how to correctly handle/store access tokens. 我对如何正确处理/存储访问令牌感到有些困惑。 So far I have this (I have cut out try / catch bits for brevity): 到目前为止,我有这个(为了简便起见,我已经删掉了try / catch位):
$fb = new Facebook\Facebook([
'app_id' => $APP_ID,
'app_secret' => $APP_SECRET,
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getJavaScriptHelper();
$accessToken = $helper->getAccessToken();
if (isset($accessToken)) {
$oAuth2Client = $fb->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
$fb->setDefaultAccessToken($longLivedAccessToken);
$response = $fb->get('/me');
$userNode = $response->getGraphUser();
$name = $userNode->getName();
echo $name;
}
This seems to work fine until I leave the page for a while (possible session expiry problem?), come back and refresh the page; 直到我离开页面一会儿(可能是会话过期问题?),然后返回并刷新页面,这似乎工作正常。 when I do so I find a This authorization code has expired. 当我这样做时,我发现This authorization code has expired. exception has been thrown. 已引发异常。
My question is this: how can I avoid this problem and make sure that the access token obtained through getLongLivedAccessToken() really does last the "about 60 days" the docs refer to? 我的问题是:如何避免这个问题,并确保通过getLongLivedAccessToken()获得的访问令牌确实在文档所指的“大约60天”内有效? Do I need to store access tokens in sessions/cookies/database? 我是否需要将访问令牌存储在会话/ Cookie /数据库中?
1 个解决方案
解决方案1
1 2016-03-14 09:21:19
you have to check if user logged in or not. 您必须检查用户是否登录。 if logged in so we have to find access token in SESSION or (we can save it in db) then we will use it for access facebook graph. 如果登录,那么我们必须在SESSION找到访问令牌或(我们可以将其保存在db中),然后将其用于访问facebook图表。
If user not logged in we have to generate access link with permission we want to use in to access data. 如果用户未登录,我们必须生成具有我们要用于访问数据的权限的访问链接。 after we generate the link we redirect user to facebook to get code to generate access token from it. 生成链接后,我们将用户重定向到Facebook以获取代码以从中生成访问令牌。 when user allow your app to access his data facebook with redirect to your website with variable called CODE 当用户允许您的应用通过变量CODE重定向到您的网站时,访问其数据Facebook
$fb = new Facebook\Facebook([
'app_id' => $APP_ID,
'app_secret' => $APP_SECRET,
'default_graph_version' => 'v2.5',
]);
$helper = $fb->getRedirectLoginHelper();
if(isset($_GET['code']) || isset($_SESSION['fb_token'])){
$accessToken = $helper->getAccessToken();
if (isset($accessToken)) {
$_SESSION['fb_token'] = (string) $accessToken;
$oAuth2Client = $fb->getOAuth2Client();
$longLivedAccessToken = $oAuth2Client->getLongLivedAccessToken($accessToken);
$fb->setDefaultAccessToken($longLivedAccessToken);
$response = $fb->get('/me');
$userNode = $response->getGraphUser();
$name = $userNode->getName();
echo $name;
}
} esle{
$_permissions = array(
'public_profile',
'user_friends',
'email',
'user_about_me');
$canvasLink=callback_url_in_your_app;
$helper = $this->_fb->getRedirectLoginHelper();
header('location:'. $helper->getLoginUrl($canvasLink, $permissions);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.