1. 技术文章
  2. trying to get app access token

trying to get app access token

扶醉桌前 提交于 2019-12-27 16:59:07

问题


I tried to get an app-access-token for my facebook app with this code:

APP_ACCESS_TOKEN = FB.api(
    "oauth/access_token",
    {client_id: APP_ID, client_secret: APP_SECRET_CODE, redirect_uri: uri},
    function(response){
    console.log(response);
});

which should be like:

GET https://graph.facebook.com/oauth/access_token?
        client_id=YOUR_APP_ID
       &client_secret=YOUR_APP_SECRET
       &redirect_uri=uri

but i get an error:

code: 1
message: "Missing authorization code"
type: "OAuthException"

What is the authorization code and how can i get it?


回答1:


Obtaining an App Access Token

To obtain an App Access Token, invoke the following HTTP GET request:

GET https://graph.facebook.com/oauth/access_token?
            client_id=YOUR_APP_ID
           &client_secret=YOUR_APP_SECRET
           &grant_type=client_credentials

The API will respond with a query-string formatted string of the form:

access_token=YOUR_APP_ID|YOUR_APP_ACCESS_TOKEN

Reference: http://developers.facebook.com/docs/opengraph/howtos/publishing-with-app-token/




回答2:


https://developers.facebook.com/docs/howtos/login/login-as-app/:

“Because it requires you to include your App Secret you should not attempt to make this call client-side as that would expose this secret to all your app users. It is important that your App Secret is never shared with anyone. For this reason, this call should be performed server-side”

And for the app access token, it’s the same – you should never use it client-side, because every user could spot it there and then start using it to perform actions on behalf of your app (or change many of your app’s settings).

If you have a server-side part to your application, you can simply “build” the app access token there yourself, concatenating app id and secret with a pipe symbol, app_id|app_secret.




回答3:


check if users of the node.js or the JAVASCRIPT.

getLongLiveToken: function(data){
    FB.api('oauth/access_token', {
        client_id: data.client_id, // FB_APP_ID
        client_secret: data.secret, // FB_APP_SECRET
        grant_type: 'fb_exchange_token',
        fb_exchange_token: data.access_token // USER_TOKEN
    }, function (res) {
        if (!res || res.error) {
            console.log(!res ? 'error occurred' : res.error);
        } else {
            var accessToken = res.access_token;
            if(typeof accessToken != 'undefined'){}
        }
    });
}



回答4:


I'm not sure that exposing the APP client secret in the code is a good idea, you can take the APP token from Facebook tool "Access Token Tool" just copy the token to your code for any use https://developers.facebook.com/tools-and-support/




回答5:


You can also use this POST endpoint without generating the token, just be sure its being called from the server not client-side where the app_secret is exposed to public:

https://graph.facebook.com/?id={url}&scrape=true&access_token={app_id}|{app_secret}


来源:https://stackoverflow.com/questions/12948809/trying-to-get-app-access-token

标签
facebook
access-token
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!