Facebook API - 如何獲取訪問令牌？

Question

我正在嘗試按照文檔獲取訪問令牌

首先，我必須將用戶重定向到 Facebook 登錄頁面。 響應如下：

http://localhost/?code=AQDcY0NnkyHy2ixcmn8CR2W3F21DvXFwcyP4NgvalTIan4pCC19uInXLKNPr48FkL2VKPbY2OL98zw5XrD7lbrZ_rnT0zDs4Rumc1QOLAfD0r3Ekpac9tKmBMEImIawOm8yxmR92IL1

很好，我們終於可以用代碼交換 Acess Token

if(empty($_GET['code'])){
  header("Location :https://www.facebook.com/v5.0/dialog/oauth?
  client_id={app-id}
  &redirect_uri={"h t t p s:// www.domain.com/login"}
  &state={"{st=state123abc,ds=123456789});
}
else{
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, 'https://graph.facebook.com/v5.0/oauth/access_token?
   client_id={app-id}
   &redirect_uri={redirect-uri}
   &client_secret={app-secret}
   &code=$_GET['code']');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

$result = curl_exec($ch);
if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}
curl_close($ch);
}

在這里我收到了驚喜：

string(0) ""

怎么了？

Answer 1

這是我在我的一個項目中使用的閱讀評論。

constant （定義）可以更改為示例url = "url";

//The username or email address of the account.
define('USERNAME', 'myusername');

//The password of the account.
define('PASSWORD', 'mypassword');

//Set a user agent. This basically tells the server that we are using Chrome ;)
define('USER_AGENT', 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36');

//Where our cookie information will be stored (needed for authentication).
define('COOKIE_FILE', 'cookie.txt');

//URL of the login form.
define('LOGIN_FORM_URL', 'http://example.com/login.php');

//Login action URL. Sometimes, this is the same URL as the login form.
define('LOGIN_ACTION_URL', 'http://example.com/login-check.php');


//An associative array that represents the required form fields.
//You will need to change the keys / index names to match the name of the form
//fields.
$postValues = array(
    'username' => USERNAME,
    'password' => PASSWORD
);

//Initiate cURL.
$curl = curl_init();

//Set the URL that we want to send our POST request to. In this
//case, it's the action URL of the login form.
curl_setopt($curl, CURLOPT_URL, LOGIN_ACTION_URL);

//Tell cURL that we want to carry out a POST request.
curl_setopt($curl, CURLOPT_POST, true);

//Set our post fields / date (from the array above).
curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($postValues));

//We don't want any HTTPS errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

//Where our cookie details are saved. This is typically required
//for authentication, as the session ID is usually saved in the cookie file.
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);

//Sets the user agent. Some websites will attempt to block bot user agents.
//Hence the reason I gave it a Chrome user agent.
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);

//Tells cURL to return the output once the request has been executed.
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

//Allows us to set the referer header. In this particular case, we are 
//fooling the server into thinking that we were referred by the login form.
curl_setopt($curl, CURLOPT_REFERER, LOGIN_FORM_URL);

//Do we want to follow any redirects?
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, false);

//Execute the login request.
curl_exec($curl);

//Check for errors!
if(curl_errno($curl)){
    throw new Exception(curl_error($curl));
}

//We should be logged in by now. Let's attempt to access a password protected page
curl_setopt($curl, CURLOPT_URL, 'http://example.com/protected-page.php');

//Use the same cookie file.
curl_setopt($curl, CURLOPT_COOKIEJAR, COOKIE_FILE);

//Use the same user agent, just in case it is used by the server for session validation.
curl_setopt($curl, CURLOPT_USERAGENT, USER_AGENT);

//We don't want any HTTPS / SSL errors.
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

//Execute the GET request and print out the result.
echo curl_exec($curl);

現在我們來回答你的問題

有多種方法可以獲取訪問令牌，要生成應用訪問令牌，您需要：

1. 您的應用 ID
2. 你的應用秘密

解決方案之一：

curl -X GET "https://graph.facebook.com/oauth/access_token
  ?client_id={your-app-id}
  &client_secret={your-app-secret}
  &grant_type=client_credentials"

通過令牌獲取網址：

curl -i -X GET "https://graph.facebook.com/{your-user-id}/accounts?access_token={user-access-token}

在 facebook 文檔上查看更多信息： https : //developers.facebook.com/docs/facebook-login/access-tokens/

最后一句話！ 據我所知，您需要在 url 中指定您的app_id或user_id