When i try to request a long-lived access token from the facebook api it gives back a token and when i test the token in the debugger it says it will never expire, a few hours / a day later i can't make any calls with the token anymore. It suddenly says:
"Any of the pages_read_engagement, pages_manage_metadata, pages_read_user_content, pages_manage_ads, pages_show_list or pages_messaging permission(s) must be granted before impersonating a user's page."
This is how i request the long lived token:
$client = new Client([
'base_uri' => 'https://graph.facebook.com/v12.0/me/accounts?
fields=picture,category_list,name,access_token&access_token=' . $token,
'timeout' => 2.0,
]);
Am i doing something wrong here? Does anyone else have this problem?
(Edit) - The problem occurs when i connect a second time from another website, it seems like when i connect a second site the first token gets disconnected?
Related
As per sdk documentation.
https://intuit.github.io/QuickBooks-V3-PHP-SDK/authorization.html
"That is what refresh token used for. It is used to request a new access token after access token expired, so you can still access to the QBO company after an hour. Just remember, whenever you make a refreshToken API call, always STORE THE LATEST REFRESH TOKEN value in your session or database"
This is the case: So my access token is expired I need to get a new one I'll run the code below.
$loginHelper = new OAuth2LoginHelper($this->clientID, $this->clientSecret);
$token = $loginHelper->refreshAccessTokenWithRefreshToken($this->refreshToken);
Then the token variable in code above will give me the new access token using this code.
$token->getAccessToken();
It was successful I have the new access token now.
However, seems refresh token is not changing quickbooks said "STORE THE LATEST REFRESH TOKEN" but the $token obj returns are the same.
My refresh token use to request new access token is:
string(50) "Q011532218006WxAY7UnIdulGDJAcgnaoTi7pIkHVaaQld9Me3"
then the return of my request:
QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken Object
(
[accessTokenKey:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => eyJlbmMiOiJBMTI4Q0JDLUhTMjU2IiwiYWxnIjoiZGlyIn0..llxj6kOGCzFiqBShGPUtbg.rNbEdMvhD0iER3z4IwB-azYbbk9givKxtaiDh7Uch8HbmZLkF7-xckpgiMDk8V5lYwYOCfP1EaPFa0iJlpbNPZdT7RBfPIkEqotTVfP0UNPwC13a37PpYHOvg_Sxbp_5GuOvdIa1RVskn4tY_FIOaCVnTaxuDF4MWNKOxsitHEoYxzVVcdqigTWri9yfIA6ZqO2vTAc92iTsa30L9jYcFeEdaNVaPt7zyM-y_FzY2W72uq8fyYjpv-fmvWMwv94pCJ6VoV82rM7OmLh5sOWORKfcZJ0xDLMrKddUPnA0GVl3mb3E6D-JyQ2-N2AYNW553nryI9f9iuoAqv7f6bXhzmaO-ByN0xtDEt9E48CFN-tyA_qShtwmEUajhsq0XFrUZgR0rtEq2kSvj79v3-sX1P7qCjPPrGK2q12VQ24DbVWnDYDZslYh9nyJGtiZgXu-GWFNKhfaXI76U_ASC2yefrcWu6ioIdDrn8j75B9AZgg3GpBqkT7H2qHWGqieeuJmcuFVoYIJUiztZNrDWYvmCJv_w2KlG911GHqLO7K7AznzpiSdIWwGXVBSxYRBbCVQTFJge1SYkXYOWj1OP9aFttpxRNX_ctiAiqV5IA9JBs_T3H4w6mGYRt4NpXZCMn3Yguwc1LekmCn0r83taHjvOT0_l78c1zv2nWC_ADKgdd1lPLMzQHiNWnHCDIBrRYm0.h0WaCjevbfdig0G-zQM9eA
[tokenType:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => bearer
[refresh_token:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => Q011532218006WxAY7UnIdulGDJAcgnaoTi7pIkHVaaQld9Me3
[accessTokenExpiresAt:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => 1523499723
[refreshTokenExpiresAt:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => 1532218006
[accessTokenValidationPeriod:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => 3600
[refreshTokenValidationPeriod:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => 8721883
[clientID:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => Q032lsDMTnotxhcOudLOpyfYuDXfB9xEMWpMRpvFIwW1VV1eyQ
[clientSecret:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] => Ml3Id7ZgeVNzAbxecHwwwzrBmuKeQXw7kljlwT84
[realmID:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] =>
[baseURL:QuickBooksOnline\API\Core\OAuth\OAuth2\OAuth2AccessToken:private] =>
)
As per quickbooks developer, "The previous refresh token expires after 24 hours after you create a new one. So you would get the same refresh token from the time you refresh untill the next 24 hours."
Read more: Click Here
I've built an app that connects to Quickbooks using OAuth 2 with the official Quickbooks PHP SDK.
I get two tokens:
Access token (Expiring after 60 minutes)
Refresh token (Expiring after 100 days)
The Refresh token is used to get a new Access token.
However, by requesting a new access token I also receive a new refresh token that I save in the database.
The previous refresh token will be forced to expire. But the new refresh token is invalid already.
I have built a CRON job that request a new refresh token every 15 minutes. I do get a new refresh token but this one is invalid (Error : "invalid_grant"). (See the code below)
What am I doing wrong here ?
$dataService->setMinorVersion("9");
$OAuth2LoginHelper = $dataService->getOAuth2LoginHelper();
$accessToken = $OAuth2LoginHelper->refreshToken();
$dataService->updateOAuth2Token($accessToken);
$token->previous_token = $token->last_token;
$token->last_token = $accessToken->getRefreshToken();
if($token->last_token != $token->previous_token){
if($token->save()){
mail('mymail', 'New token !', "Token updated!!!!");
}
}
In my website i have an upload button for upload files to google drive via api.
Here is my code:
$auth_code = GOOGLEDRIVE_AUTH_CODE;
$access_token = GOOGLEDRIVE_ACCESS_TOKEN;
$refresh_token = GOOGLEDRIVE_REFRESH_TOKEN;
$client_id = 'Google_App_Client_ID';
$client_secret = 'Google_App_Client_Secret';
$redirect_uri = 'Redirct_Url';
$client = new Google_Client();
$client->setClientId($client_id);
$client->setClientSecret($client_secret);
$client->setRedirectUri($redirect_uri);
$client->setAccessType('offline');
$client->setApprovalPrompt('force');
$client->addScope("https://www.googleapis.com/auth/drive");
$service = new Google_Service_Drive($client);
if (isset($access_token) && $access_token) {
$client->setAccessToken($access_token);
if ($client->isAccessTokenExpired()) {
$refresh_token = $client->getRefreshToken();
$client->refreshToken($refresh_token);
$access_token = $client->getAccessToken();
$co->save('GDRIVE_ACCESS_TOKEN',$access_token);
$co->save('GDRIVE_REFRESH_TOKEN',$refresh_token);
}
} else {
$authUrl = $client->createAuthUrl();
}
this line throws an error
$client->refreshToken($refresh_token);
"Error refreshing the OAuth2 token, message: '{ "error" : "invalid_grant" }'"
Reading up on the error message it sounds like the token refresh isn’t working all of a sudden. Like I said, this upload tool has been working fine for months.
Any Idea ?
Thanks,
Midhun
Invalid_grant
Your server’s clock is not in sync with NTP. (Solution: check the server time if its incorrect fix it. )
If its not that then there is no fix besides asking the user to authenticate again. Possible causes for the refresh token to have expired.
The user has revoked your access.
the refresh token hasn't been used in six months to request a new access token.
The refresh token limit has been exceeded. Applications can request multiple refresh tokens. For example, this is useful in situations where a user wants to install an application on multiple machines. In this case, two refresh tokens are required, one for each installation. When the number of refresh tokens exceeds the limit, older tokens become invalid. If the application attempts to use an invalidated refresh token, an invalid_grant error response is returned. The limit for each unique pair of OAuth 2.0 client and is 25 refresh tokens (note that this limit is subject to change). If the application continues to request refresh tokens for the same Client/Account pair, once the 26th token is issued, the 1st refresh token that was previously issued will become invalid. The 27th requested refresh token would invalidate the 2nd previously issued token and so on.
I am making a PHP application, that will use a single google drive account.
So as an administrator i first give permission to google drive account.
When permissions are accepted, i save the refresh token in a database.
After than, in a different URL, that will be used by clients, i am trying to authenticate.
Next, I pull the refresh token from database, and then a make a post request to:
$url = "https://accounts.google.com/o/oauth2/token";
with parameters:
$post_data = array(
'client_id' => CLIENT_ID,
'client_secret' => CLIENT_SECRET,
'refresh_token' => $refreshToken,
'grant_type' => 'refresh_token' );
After a get successful response, I save the access_token but when i try to exchange it for credentials, i get this error Message:
An error occurred: Error fetching OAuth2 access token, message: '
Error processing OAuth 2 request
Error 500
'
Fatal error: Uncaught exception 'CodeExchangeException' in ...
Am I missing something here?
Is the oauth flow i used correct?
Thanks in advance!
When you get access token from refresh token, that access token itself is a credential and there is no exchange process after that. In credential, there are: 1. access token 2. refresh token. And you get credential in exchange of authorization code, not access token. So in your code, error occurred in process of trying to get access token in exchange of access token.
<?php
require_once"includes/strings.php";
require_once"php/function.php";
require_once"php/config.php";
require_once"php/app.php";
$currentFBuserid = "0";
///////FACEBOOK GET USER INFORMATION
session_start();
// Enter the app id and secret below
define('YOUR_APP_ID', '$fbAppID');
define('YOUR_APP_SECRET', '$fbAppSecret');
require_once"php/fbsdk/src/facebook.php";
$facebook = new Facebook(array(
'appId' => $fbAppID,
'secret' => $fbAppSecret,
));
$userId = $facebook->getUser();
if($userId){
$userInfo = $facebook->api('/' + $userId);
}
Okay the issue is simple about every two hours I guess the session expires on my site and the error "Fatal error: Uncaught OAuthException: Error validating access token: Session has expired at unix time 1352329200.
The current unix time is 1352330589. thrown in /home/######/public_html/php/fbsdk/src/base_facebook.php on line 1238"
I'm having an impossible time figuring out what the issue is, no matter how long I scrape this site.
BTW:(refreshing the page solves the issue)
I really need help.
Thank you!
Okay the issue is simple about every two hours I guess the session expires on my site and the error "Fatal error: Uncaught OAuthException: Error validating access token: Session has expired at unix time 1352329200.
User access tokens acquired using the client-side flow expire after two hours.
You can either extend them, or use the server-side flow – both will result in a token that’s valid for 60 days.
https://developers.facebook.com/roadmap/offline-access-removal/
(The latest version of the PHP SDK has a method called setExtendedAccessToken for extending a short-lived token.)
BTW:(refreshing the page solves the issue)
If you are using the JS SDK to do the login, then a refresh of course makes it do a new cross-domain request to Facebook, and will get a fresh short-lived access token.