Facebook PHP SDK处理访问令牌
[英]Facebook PHP SDK dealing with Access Tokens
问题描述
I have crawled around lots of various answers but am still a bit confused with how I should be dealing with facebook access tokens . 
我已经爬了很多不同的答案,但我仍然有点混淆我应该如何处理Facebook 访问令牌 。 One of the main problems I'm having is due to what information is being stored in my browser. 我遇到的主要问题之一是由于我的浏览器中存储了哪些信息。 For example, I log onto the app, the token expires, I can't logon again unless I clear cookies/app settings in browser. 例如,我登录到应用程序,令牌过期,除非我在浏览器中清除cookie / app设置,否则我无法再次登录。
I stumbled across this thread: How to extend access token validity since offline_access deprecation 我偶然发现了这个问题: 如何在offline_access弃用之后扩展访问令牌的有效性
Which has shown me how to create an extended access token through php. 这告诉我如何通过php创建扩展访问令牌。
My questions are: 我的问题是:
1. Do I need to store the access token anywhere? 1.我是否需要将访问令牌存储在任何地方?
2. What happens when the access token expires or becomes invalid? 2.访问令牌过期或变为无效时会发生什么? At the moment, my app simply stops working when the short term access ones expire. 目前,我的应用程序只是在短期访问过期时停止工作。
3. Is there a way I should be handling them to check if they have expired? 3.有没有办法处理它们以检查它们是否已过期? I am using the php sdk and have basically used the standard if( $user )... Like this: 我正在使用php sdk并且基本上使用了标准if($ user)...像这样:
require 'sdk/src/facebook.php';
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXXXXXXXXXXX',
));
$user = $facebook->getUser();
if( $user ){
try{
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
if (!$user){
$params = array(
'scope' => 'email',
);
$loginUrl = $facebook->getLoginUrl( $params );
echo '<script type="text/javascript">
window.open("'. $loginUrl .'", "_self");
</script>';
exit;
}
if( $user ){
$access_token = $facebook->getExtendedAccessToken();
$get_user_json = "https://graph.facebook.com/me?access_token="
. $access_token;
// Rest of my code here...
}
- Is there anything else I should be doing to handle tokens? 还有什么我应该做的来处理令牌吗?
. 。 Should I be passing the access token between pages or is it ok to just call it again at the top of each page like this: 我应该在页面之间传递访问令牌还是可以在每个页面的顶部再次调用它,如下所示:
$facebook = new Facebook(array(
'appId' => 'XXXXXXXXXXXX',
'secret' => 'XXXXXXXXXXXX',
'redirect_uri' => 'http://localhost:8000/',
));
$token = $facebook->getExtendedAccessToken();
2 个解决方案
解决方案1
7 已采纳 2013-01-21 08:29:13
Let's go through your questions: 让我们来看看你的问题:
Do I need to store the access token anywhere?
This depends on your application. 这取决于您的应用程序。 First of all ask yourself, do you need to perform actions on behalf of the user while he is not present (not logged in to your app)? 首先问问自己,你是否需要代表用户在他不在场时(未登录到你的应用程序)执行操作?
If the answer is yes , then you need to extend the user token which can be done using the PHP-SDK by calling this method while you have a valid user session: setExtendedAccessToken() . 如果答案是肯定的 ,那么您需要扩展用户令牌,这可以通过在您拥有有效用户会话时调用此方法来使用PHP-SDK完成: setExtendedAccessToken() 。
Also you should refer to this document: Extending Access Tokens 您还应该参考此文档: 扩展访问令牌
What happens when the access token expires or becomes invalid?
This is where the catch clause in your code comes in handy, while facebook example only logs the error ( error_log($e); ) you should be handling it! 这是代码中的catch子句派上用场的地方,而facebook示例只记录错误( error_log($e); )你应该处理它!
Facebook already has a tutorial about this: How-To: Handle expired access tokens . Facebook已经有一个关于此的教程:操作方法:处理过期的访问令牌 。
Also you should refer to the Errors table and adjust your code accordingly. 您还应该参考错误表并相应地调整您的代码。
Is there anything else I should be doing to handle tokens?
See above. 往上看。
Should I be passing the access token between pages or is it ok to just call it again at the top of each page
You shouldn't need to do any of that, because the PHP-SDK will handle the token for you; 您不应该这样做,因为PHP-SDK将为您处理令牌; have you noticed that you are calling: $user_profile = $facebook->api('/me'); 你注意到你在调用: $user_profile = $facebook->api('/me'); without appending the user access_token ? 没有附加用户access_token ?
The SDK is adding it from its end so you don't have to worry about it. SDK正在添加它,因此您不必担心它。
解决方案2
0 2013-10-29 21:23:55
I just had the same issue, but i solve it with some of your help. 我只是遇到了同样的问题,但是我在你的一些帮助下解决了这个问题。 I'm using the php-sdk to connect to the Facebook API, so i just made this. 我正在使用php-sdk连接到Facebook API,所以我就是这样做的。
$facebook = new Facebook(array(
'appId' => 'API_ID',
'secret' => 'SECRET',
));
// Get User
$user = $facebook->getUser();
// Verifing if user is logged in.
if ($user) {
try {
// Proceed knowing you have a logged in user who's authenticated.
$user_profile = $facebook->api('/me');
} catch (FacebookApiException $e) {
error_log($e);
$user = null;
}
}
// Verify if user is logged in, if it is... Save the new token.
if($user){
// Request the access_token to the
$access_token = $facebook->getAccessToken()
// Saving the new token at DB.
$data = array('access_token' => $access_token);
$this->db->where('userid',$user);
$this->db->update('facebook', $data);
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.