Facebook app: OAuthException: An active access token must be used

i am having the next problem migrating my old facebook app to Oauth 2.0:

when i try to read the user profile (in php code) i get the error: "OAuthException: An active access token must be used to query information about the current user."

The application makes the login operation via javascript and then it redirects to a page where from php i get the user profile.

The javascript code:

<script type="text/javascript">
window.fbAsyncInit = function() {   
    FB.init({
        appId   : '<?php echo $facebook->getAppId() ?>',
        cookie  : true, // enable cookies to allow the server to access the session
        xfbml   : true, // parse XFBML
        oauth : true    // enable oauth
    });

    // whenever the user logs in, we refresh the page
    FB.Event.subscribe('auth.login', function(response) {
        window.location="index.php";
    });

};

(function() {
    var e = document.createElement('script');
    e.src = document.location.protocol + '//connect.facebook.net/en_US/all.js';
    e.async = true;
    document.getElementById('fb-root').appendChild(e);
}());


function login () {
 FB.login(function(response) {
   if (response.authResponse) {
     //console.log('Welcome!  Fetching your information.... ');
     FB.api('/me', function(response) {
       //alert('Good to see you, ' + response.name + '.');
       var url="./code.php";
       window.location=url;
     });
   } else {
     alert("Debes de identificarte y aceptar las condiciones para obtener el descuento");
   }
 }, {scope: 'email'});

};


</script>

The php part (in code.php):

require 'facebook-php-sdk/src/facebook.php';

// Create our Application instance (replace this with your appId and secret).
$facebook = new Facebook(array(
  'appId'  => 'xxxxxxxxxxxxxxxxx',
  'secret' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
));
$user = $facebook->getUser();   
if ($user) {
    try {
        // Proceed knowing you have a logged in user who's authenticated.
        $me = $facebook->api('/me');
.....

I have read different posts and tried things like getting the access_token from the javascript login response or from the cookie and then make the call to api('me/?access_token=…), but it didn´t work.

Edit: Thanks a lot to everyone, it's working now!!

Thanks

$cookieName = 'fbsr_' . $app_id; function parse_signed_request($signed_request, $secret) { list($encoded_sig, $payload) = explode('.', $signed_request, 2); // decode the data $sig = base64_url_decode($encoded_sig); $data = json_decode(base64_url_decode($payload), true); if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') { error_log('Unknown algorithm. Expected HMAC-SHA256'); return null; } // check sig $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true); if ($sig !== $expected_sig) { error_log('Bad Signed JSON signature!'); return null; } return $data; } function base64_url_decode($input) { return base64_decode(strtr($input, '-_', '+/')); } $fbsr=parse_signed_request($_COOKIE[$cookieName],$application_secret); $user_id=$fbsr['user_id'];

Best Answer

@moguzalp @brandwaffle @yauros,To get signed_request on non canvas app. i used the follwing code and it works for me. If you are using Oauth 2.0 than u will get cookie named fbsr_app_id.This cookie is nothing but a signed_request.

You can get this cookie and parse the signed_request to get user id and access_token as follows:

Best Answer

Related Solutions

Php – Getting Facebook user from access token (PHP SDK 3.0.1)

Facebook – Unable to get a long term access token using facebook graph api

Related Topic