Authenticating a FACEBOOK Application - PHP

问题

i need to authenticate before posting to my own wall, so here is my code

function get_app_token($appid, $appsecret)
{
$args = array(
'grant_type' => 'client_credentials',
'client_id' => $appid,
'client_secret' => $appsecret
);

$ch = curl_init();
$url = 'https://graph.facebook.com/oauth/access_token';
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $args);
$data = curl_exec($ch);

return json_encode($data);
}

$token = get_app_token($appid, $appsecret);
$attachment = array('message' => '',
        'access_token' => $token,
                'name' => 'Attachment Name',
                'caption' => 'Attachment Caption',
                'link' => 'http://apps.facebook.com/xxxxxx/',
                'description' => 'Description .....',
                'picture' => 'http://www.google.com/logo.jpg',
                'actions' => array(array('name' => 'Action Text', 
                                  'link' => 'http://apps.facebook.com/xxxxxx/'))
                );

$result = $facebook->api('/me/feed/', 'post', $attachment);

i got error OAuthException ,Invalid OAuth access token signature.

回答1:

you can get access_token from session array of facebook object directly.

$session = $facebook->getSession();
$session['access_token'];

of course you need to be authorized. if session is not set you must redirect to loginUrl

$facebook->getLoginUrl(array('req_perms' => 'email,read_stream,publish_stream'));
// this will return url for your authorization

and request permission you need.

回答2:

Value of $token is access_token=<YOUR_ACCESS_TOKEN>

You cannot pass $token value directly to the access_token parameter.

$token = get_app_token($appid, $appsecret);
$access_token = split('=',$token);
$attachment = array(
                    'message' => '',
                    'access_token' => $access_token[1],
                    'name' => 'Attachment Name',
                    'caption' => 'Attachment Caption',
                    'link' => 'http://apps.facebook.com/xxxxxx/',
                    'description' => 'Description .....',
                    'picture' => 'http://www.google.com/logo.jpg',
                    'actions' => array(array('name' => 'Action Text', 
                              'link' => 'http://apps.facebook.com/xxxxxx/'))
              );

Hope this will helps in making that work... :)

回答3:

A client_credentials access token doesn't give any access to /me (who would "me" be in this case? there's nothing that ties it to a user), let alone posting access. It is for use only with application-level Graph API calls, like to get an application's Insights data.

来源：https://stackoverflow.com/questions/5581593/authenticating-a-facebook-application-php