facebook - 必须使用有效的访问 token

Question

我正在尝试让 Facebook 用户(当前用户)使用以下代码:

$app_id = "xxx";
$app_secret = "yyy";

//** Get user information
//Create our application instance.
$facebook = new Facebook(array(
    'appId' => $app_id,
    'secret' => $app_secret,
));
// Get User ID
$user = $facebook->getUser();

// We may or may not have this data based on whether the user is logged in.
//
// If we have a $user id here, it means we know the user is logged into
// Facebook, but we don't know if the access token is valid. An access
// token is invalid if the user logged out of Facebook.

if ($user) {
    try {
        // Proceed knowing you have a logged in user who's authenticated.

        $user_profile = $facebook->api('/me');....

        // The $user_profile = $facebook->api('/me'); line throw an exception:

        'message' => string 'An active access token must be used to query
                            'information about the current user.' (length=80)

      'type' => string 'OAuthException' (length=14)
      'code' => int 2500

为什么？

Answer 1

看来您没有通过OAuth 2.0 身份验证/授权过程，如 Authentication 中所述。

那里有一些例子解释了如何做到这一点。我也在使用 PHP SDK，但我选择在客户端通过 JavaScript 进行身份验证，这对我来说更容易。不过，这两种方法都在文档中进行了解释。

更新:我使用的代码是 PHP 和 JavaScript 的组合，这对我来说非常有用。此处唯一未正确处理的情况 (AFAIK) 是当用户未登录 Facebook 时访问应用程序，即，他直接通过 URL 而不是通过 Facebook 访问应用程序。在这种情况下，会显示空白页面，而不是通知和登录按钮或其他内容。

无论如何，这是我的 index.php，其中我从我的 config.inc.php 传递变量，例如成功(应用程序主页)和失败页面(用户没有向 JavaScript 授予权限:

        <?php
            require 'include/config.inc.php';

            //Check whether Facebook OAuth mechanism called back to this script with access_token or error
            if (isset($_GET['expires_in']) && $_GET['expires_in']>0)
            {
                header('Location: '.$appname_canvasPage.$appname_successPage);
                exit;
            }
            else if (isset($_GET['error']))
            {
                //echo 'querystr: '.$_SERVER['QUERY_STRING'];
                header('Location: '.$appname_canvasPage.$appname_failurePage);
                exit;
            }
            else
            {
                require 'include/header_metadata.inc.html';
        ?>
    </head>

    <body>
        <div id="fb-root"></div>
        <script>
            var appname_canvasURI = '<?php echo $appname_canvasURI; ?>';
            var appname_canvasPage = '<?php echo $appname_canvasPage; ?>';
            var appname_successPage = '<?php echo $appname_successPage; ?>';
            var appname_failurePage = '<?php echo $appname_failurePage; ?>';
            var appname_fbPerms = '<?php echo $appname_fbPerms; ?>';
            var appname_appid= '<?php echo $appname_appid; ?>';

            window.fbAsyncInit = function()
            {
                FB.init({
                  appId      : appname_appid, // App ID
                  channelUrl : appname_canvasPage+'/channel.html', // Channel File
                  status     : true, // check login status
                  cookie     : true, // enable cookies to allow the server to access the session
                  oauth      : true, // enable OAuth 2.0
                  xfbml      : true  // parse XFBML
                });

                // Additional initialization code here
                FB.getLoginStatus(function(response)
                {
                    //console.log('getLoginStatus response: ',response);
                    if (response.authResponse)
                    {
                        //user is already logged in and connected
                        facebookCheckPerms(); // ensure all requires perms are available and if not request them
                    }
                    else
                    {
                        //app is not authorized or user is logged out
                        facebookOAuthRedirect();
                    }
                });
            };

            // Load the SDK Asynchronously
            (function()
            {
                var e = document.createElement('script');
                e.type = 'text/javascript';
                e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
                //e.src = "http://static.ak.fbcdn.net/connect/en_US/core.debug.js";
                e.async = true;
                document.getElementById('fb-root').appendChild(e);
            }());

            function facebookCheckPerms()
            {
                var hasReqPerms=true;
                FB.api(
                {
                    method: 'fql.query',
                    query: 'SELECT '+appname_fbPerms+' FROM permissions WHERE uid=me()'
                },
                function(response)
                {
                    for(var key in response[0])
                    {
                        if(response[0][key]==0)
                        {
                            hasReqPerms=false;
                        }
                    }
                    if (hasReqPerms==false)
                    {
                        // user does not have required permissions, do OAuth  2.0 redirect to get permissions
                        facebookOAuthRedirect();
                    }
                    else
                    {
                        // user has required permissions, start the app.
                        //console.log('checkperms: user has required permissions, start the app');
                        top.location.href = appname_canvasPage+appname_successPage;
                    }
                });
            }

            function facebookOAuthRedirect()
            {
                var redirectURL = 'https://www.facebook.com/dialog/oauth/?client_id='+appname_appid+'&scope='+appname_fbPerms+'&redirect_uri='+encodeURIComponent(appname_canvasURI)+'&response_type=token';
                //console.log('redirectURL: '+redirectURL);
                top.location.href = redirectURL;
            }

        </script>
        <?php
            }
        ?>
    </body>
</html>