如何获取用户访问令牌？

Question

I'm trying to access scores through the Facebook API to get a list of scores of my friends. When I try to access /[facebook id]/scores , I get the following error even with my app access token:

FacebookApiException [ 0 ]: A user access token is required to request this resource. ~ APPPATH/classes/basefacebook.php [ 1039 ]

How do I get a user access token?

Updated: After reading http://developers.facebook.com/docs/reference/api/permissions/ , I've confirmed that the app access token and user access token are two different access tokens. The question still remains, how do I get a user access token?

Answer 1

I see that you are using the php-sdk. So you need your friend to access your app with a script something like the example :

<?php
/**
 * Copyright 2011 Facebook, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License. You may obtain
 * a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */

require '../src/facebook.php';

// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
  'appId'  => '191149314281714',
  'secret' => '73b67bf1c825fa47efae70a46c18906b',
));

// Get User ID
$user = $facebook->getUser();

// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.

if ($user) {
  try {
    // Proceed knowing you have a logged in user who's authenticated.
    $user_profile = $facebook->api('/me');
  } catch (FacebookApiException $e) {
    error_log($e);
    $user = null;
  }
}

// Login or logout url will be needed depending on current user state.
if ($user) {
  $logoutUrl = $facebook->getLogoutUrl();
} else {
  $loginUrl = $facebook->getLoginUrl(array('scope'=>'offline_access'));
}

// This call will always work since we are fetching public data.
$naitik = $facebook->api('/naitik');

?>
<!doctype html>
<html xmlns:fb="http://www.facebook.com/2008/fbml">
  <head>
    <title>php-sdk</title>
    <style>
      body {
        font-family: 'Lucida Grande', Verdana, Arial, sans-serif;
      }
      h1 a {
        text-decoration: none;
        color: #3b5998;
      }
      h1 a:hover {
        text-decoration: underline;
      }
    </style>
  </head>
  <body>
    <h1>php-sdk</h1>

    <?php if ($user): ?>
      <a href="<?php echo $logoutUrl; ?>">Logout</a>
    <?php else: ?>
      <div>
        Login using OAuth 2.0 handled by the PHP SDK:
        <a href="<?php echo $loginUrl; ?>">Login with Facebook</a>
      </div>
    <?php endif ?>

    <h3>PHP Session</h3>
    <pre><?php print_r($_SESSION); ?></pre>

    <?php if ($user): ?>
      <h3>You</h3>
      <img src="https://graph.facebook.com/<?php echo $user; ?>/picture">

      <h3>Your User Object (/me)</h3>
      <pre><?php print_r($user_profile); ?></pre>
    <?php else: ?>
      <strong><em>You are not Connected.</em></strong>
    <?php endif ?>

    <h3>Public profile of Naitik</h3>
    <img src="https://graph.facebook.com/naitik/picture">
    <?php echo $naitik['name']; ?>
  </body>
</html>

Then you need to:

1. Grant the offline_access permission
2. Store the returned access_token
3. Use that token whenever you query your friend's scores $facebook->api('friend_id/scores?access_token=$stored_access_token');

Answer 2

Please refer to the documentations showing the authentication flows for Facebook.

http://developers.facebook.com/docs/authentication/

This is the best place to start to understand how it works.

1. You get the user's permission and access_token
2. You can use this access_token as a "key" to get and post Facebook information

The access_token is not to be mistaken for your application secret code, which is used to authorised to make a connection on behalf of your registered application.

Answer 3

在Flex中，您可以使用：

FacebookDesktop.getSession().accessToken;

Answer 4

Suscribe to this event:

FB.Event.subscribe('auth.authResponseChange', function(response) {

then check response.status

Answer 5

I call this function:

FB.getLoginStatus(onFacebookInitialLoginStatus);

Which calls the function below and gets the accesss_token from the response.

function onFacebookInitialLoginStatus(response) {
            if (response.status == "connected" && response.session) {
                var access_token = response.session.access_token;
                var url = 'https://graph.facebook.com/me/likes?access_token=' + access_token;
            }
            else {
                facebookLogin();
            }
        }