Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How would you perform `debug_token` call using facebook php sdk?

According to the documentation the endpoint looks like

GET /debug_token?
     input_token={input-token}&
     access_token={access-token}

where

input_token: the access token you want to get information about
access_token: your app access token or a valid user access token from a developer of the app

Assuming I don't have a "valid user access token from a developer of the app" - just because I don't want to refresh it every 2 months and keep always it in mind - how would I perform it using "app access token"?

The getApplicationAccessToken() method is protected, so there is no way to access it without overriding it to public.

Any elegant solution that I'm missing?

PS: a call example that would fail with "You must provide an app access token or a user access token that is an owner or developer of the app" error due to lack of access token:

$tokenDebug = $fb->api('debug_token', array(
    'input_token' => $token,
));

PPS: the "interesting" thing is that the error from above would appear not for every $token but for some, and I cannot see any obvious distinction between tokens that fail and that succeed.

PPPS: $token is a user access token

PPPPS: Created a feature request for FB PHP SDK https://developers.facebook.com/bugs/637897982899835

PPPPPS: Probably it could be better to create a pull request instead, but it's 1:30am and I'm too tired for that

like image 636
zerkms Avatar asked Oct 14 '13 12:10

zerkms


2 Answers

OK, so if one needs an app access token, app_id|app_secret (both values concatenated with a pipe symbol in the middle) always works.

The method getApplicationAccessToken seems to have been protected in the PHP SDK up to 3.2.2 – whereas getAppId and getAppSecret are already public in that version; so those could be the alternative to hard-coding id and secret in place.

like image 84
CBroe Avatar answered Nov 15 '22 21:11

CBroe


The PHP SDK has the getOAuth2Client() client method, that returns a \Facebook\Authentication\OAuth2Client instance.

This has the debugToken($accessToken) method, that returns a \Facebook\Authentication\AccessTokenMetadata instance that contains data about the access token.

$appid = '123456789';
$appsecret = 'foobar';

$api = new Facebook(['app_id' => $appid, 'app_secret' => $appsecret]);

$oauth = $api->getOAuth2Client();
$meta = $oauth->debugToken($accessToken);
$meta->validateAppId($appid); // Will throw a FacebookSDKException if invalid

$meta->getIsValid(); // boolean
$meta->getExpiresAt(); // \DateTime|null
like image 33
Tim Avatar answered Nov 15 '22 19:11

Tim