"An active access token must be used" (Dec 2012) && The proper way to set up Facebooks PHP-SDK for Ajax calls to get the user-id

Question

This is giving me quite some headache. I have an page-tab-application, where DB-interaction uses the facebook-user-id to assign and save data and also to check user permissions. Until a weak ago everything was working fine, but now with the upcoming december-changes this setup doesnt work anymore:

config.php:

$facebook = new Facebook( array(
'appId' => $app_id,
'secret' => $app_secret,
'cookie' => true
)); 

index.php: includes config.php and gets the signed request (not important for the question

javascript.js: calls the read-user-status.php and handles the data

read-user-status.php: gives json-response, includes config.php and calls the $facebook -> getUser()-function to get the uid

Even when called from the index.php directly after page-load, I sometimes get the uid and sometimes I don't. Strangly enough I usually have to wait a little until I reload the page and then it works again. But this isn't always the case. This all is just very strange to me.

EDIT: Should have mentioned that this call:

$uid = $facebook -> getUser();
if ($uid) {
    try {
       // Proceed knowing you have a logged in user who's authenticated.
       $user_profile = $facebook -> api('/me');
    } catch (FacebookApiException $e) {
       error_log($e);
       $uid = FALSE;
     echo "EXCEPTION $e";
   }
}

gives out "EXCEPTION An active access token must be used to query information about the current user".

I know there quite a lot of similar questions out there, but none of the answers were helpful to my particular (and probably to the new breaking changes relied) problem.

EDIT2: I now suppose that it is a sdk-bug (https://developers.facebook.com/bugs/238039849657148 , thanks to CBroe). Any recommendations for a work-around are of course very welcome.

EDIT 3, TEMPORARY SOLUTION Everytime you make an ajax request, you post the token you get from the FB.getLoginStatus or FB.login and read it out in the php file and set it via $facebook -> setAccessToken. Not suitable in all circumstances (you definately need to use post), is slower and brings some security issues, but still works.

Answer 1

Sounds like you are affected by the bug I reported beginning of November, https://developers.facebook.com/bugs/238039849657148

They’ve confirmed it and say they’re working on a fix – but since the change is only a few days away now, they should hurry up a little …

Answer 2

I got this working by doing the following...

if(!$user){

$loginUrl = $facebook->getLoginUrl(array(
                'scope' => 'email',
                'redirect_uri' => $app_url
                ));
    header('Location: ' . $loginUrl);
}

I also added my app to be integrated with:

• Website with Facebook login
• App on Facebook
• Page Tab