Note: App access tokens are being used here so there is no login or permissions required.
My app access token is valid according to the Facebook App access token debugger
My FQL request is correct according to the Graph API explorer (for FQL)
However when I attempt a FQL search using my app access token:
$fql_query_url = 'https://graph.facebook.com/'.'fql?q='.urlencode($fql_query) . '&access_token=' . urlencode($acctoken);
I get the response:
{
"error": {
"message": "(#200) Must have a valid access_token to access this endpoint",
"type": "OAuthException",
"code": 200
}
}
The code I'm using literally worked two days ago but not it appears to be broken.
Does anyone know what is going on? I've looking into the app access token depreciation after 60 days but surely this would appear as an invalid token in the Facebook access token debugger. Also isn't the error message different if the app access token is depreciated.
Related
I am trying to setup authentication with google plus using their tutorial. I followed the directions verbatim, changing the client id and the client secret in signin.php. For the record, the google plus API is enabled in the google developer console. I update file permissions as instructed as well (chmod +x signin.php and chmod -R 555 vendor/). However, upon loading my authentication URL (which happens to be at the auth_test/ sub directory of my domain, and clicking the sign in button, the console throws a 401 (unauthorized) for the get request sent /activites. I have researched the problem and see that this can be caused by an invalid token, but I dont see how that can be because everything has been setup in singin.php. Much help would be appreciated...
You need to reset the state of your app if disconnected to refresh the $tocken.
Google API office Docs on Handling API Errors
401: Invalid Credentials
Invalid authorization header. The access token you're using is either
expired or invalid.
{ "error": {
> "errors": [
> {
> "domain": "global",
> "reason": "authError",
> "message": "Invalid Credentials",
> "locationType": "header",
> "location": "Authorization",
> }
> ],
> "code": 401,
> "message": "Invalid Credentials" } }
Suggested action: Refresh the access token using the long-lived
refresh token. If this fails, direct the user through the OAuth flow,
as described in Authorizing Your App
Also its is clearly commented in singin.php at line no. 98 :
// Normally the state would be a one-time use token, however in our
// simple case, we want a user to be able to connect and disconnect
// without reloading the page. Thus, for demonstration, we don't
// implement this best practice.
//$app['session']->set('state', '');
Thus in your case it appears that your app is disconnected and thus causing the $token to become empty. Hence forcing this code block at line no: 91
if (empty($token)) {
// Ensure that this is no request forgery going on, and that the user
// sending us this connect request is the user that was supposed to.
if ($request->get('state') != ($app['session']->get('state'))) {
return new Response('Invalid state parameter', 401);
}
I am far from the programming and PHP, but got the challenge to get the Fb share count for the website :)
I'm trying to get the proper App Access Token and send the request to Fb
according to this article.
The request should be like this:
https://graph.facebook.com/?ids=http://www.myurl.com/my-page&access_token=myappid|myappsecret
And I getting this error.
{
"error": {
"message": "Invalid OAuth access token signature.",
"type": "OAuthException",
"code": 190,
"fbtrace_id": "FfZKAkCyad1"
}
}
I am going to use it in PHP roughly like this:
function facebook_count($url)
{
$results = #file_get_contents('http://graph.facebook.com/' . $url .'&access_token=myappid|myappsecret');
if ($results) {
$like_array = json_decode($results, true);
if (!empty($like_array['shares']))
return ($like_array['shares']);
}
return 0;
}
My guess, I checked wrong Permissions (scopes) for my App token. Did not found an answer in FB dev page. Checked this for now:
user_likes, read_insights, read_audience_network_insights, public_profile
What Scope do I need to check, if I need only the shares count by the link?
Or in what else could be the problem?
You need to use an App Access Token... So the actual permissions (referring to User Access Tokens!) are irrelevant.
So, hopefully you are replacing myappid|myappsecret with your actual App Id and App Secret. If ynot, there's your error. Furthermore, I think in the file_get_contents call then ?id= part in the URL is missing.
Hi i have this to get comment from post it works is there is a years
$json = file_get_contents("http://graph.facebook.com/730350233684840/comments?limit=2500");
echo $json;
but now i have this error in facebook
{
"error": {
"message": "An access token is required to request this resource.",
"type": "OAuthException",
"code": 104
}
}
how i can get all comment from post ?
i have using your code #luschn
my request with true APP ID and App Secret
https://graph.facebook.com/730350233684840/comments?limit=2500&access_token=[APPIS|APPSECRT]
i have this
{
"error": {
"message": "Invalid OAuth access token signature.",
"type": "OAuthException",
"code": 190
}
}
i use chrome to look this error
--
English is not my native language, sorry for any mistakes.
For example:
$json = file_get_contents("http://graph.facebook.com/730350233684840/comments?limit=2500&access_token=[your-access-token]");
The most basic Access Token is an App Access Token, you can create one like this:
$appAccesstoken = $appId . '|' . $appSecret;
Depending on the resource, you may need a User or Page Token though. For that, you will have to authorize the User and it gets a lot more complicated.
More information about Access Tokens:
https://developers.facebook.com/docs/facebook-login/access-tokens
http://www.devils-heaven.com/facebook-access-tokens/
you have to change the position access token and limit
https://graph.facebook.com/167416583311544_730350233684840/comments?access_token=appId|appSecret&limit=2500
I have 100 Active Facebook access tokens.
For each account I have more than one access token.
I want to keep only one token for each account and want to delete the others.
And i don't want to do this manually so please post a PHP script which check all the tokens and keep only one active token for each account.
In such a case the simplest way to validate an access token is to issue the following request
https://graph.facebook.com/me?fields=id&access_token=#accesstoken
If the provided access token is not valid or expired Facebook will just return an error message of some sort. Such as :
{
"error": {
"message": "Error validating access token: This may be because the user logged out or may be due to a system error.",
"type": "OAuthException",
"code": 190,
"error_subcode": 467
}
}
For a valid access token the result will somehow look like this
{
"id": "ID_VALUE"
}
I am using the following URL to get a Facebook Auth Token for managing Pages and Page Events...
https://www.facebook.com/dialog/oauth?client_id=CLIENTID&redirect_uri=REDIRECTURL&scope=manage_pages,create_event&response_type=token
This goes through the authorization process and returns the token, which gets saved in my database. I then try to do the following to retrieve the thumbnail images of people attending one of the Page's Events...
function fbEventRSVPPhotos($eventID){
$authToken = eto_get_option('eto_auth_fbauthtoken') //pulled from database;
$json = file_get_contents("https://graph.facebook.com/" . $eventID ."/attending?access_token=" . $authToken);
$attendees = json_decode($json, true);
echo '<div class=attendee-photos>';
foreach($attendees['data'] as $attendee) {
echo '<img class="facebook-thumb toggleTooltip" title="' . $attendee['name'] . ' is attending" src="https://graph.facebook.com/' . $attendee['id'] . '/picture?type=square">';
}
echo '</div>';
}
This function works great for when I am logged in to Facebook, however once I log out I get the following...
Warning: file_get_contents(https://graph.facebook.com/MYEVENTID/attending?access_token=MYTOKEN) [function.file-get-contents]: failed to open stream: HTTP request failed! HTTP/1.0 400 Bad Request in PATHTOSCRIPT on line 94
Warning: Invalid argument supplied for foreach() in PATHTOSCRIPT on line 97
And then it continues to show this PHP error even after logging back in. I essentially have to regenerate the auth token every time I log back in.
Can someone help me understand why this is happening and how to fix?
You want to destroy the session $facebook->destroySession(), not invalidate the token. Logging out is one of the ways to invalidate the token. This is the expected action.
Destroying the session will log the user out of the app but not invalidate the token. Seeing that you are saving it to a database, you are probably requesting access longer than two hours which is past the limitation of a short lived token.
Also as you are using a page you can use scenario 5 at https://developers.facebook.com/roadmap/offline-access-removal/
When a user grants an app the manage_pages permission, the app is able
to obtain page access tokens for pages that the user administers by
querying the [User ID]/accounts Graph API endpoint. With the migration
enabled, when using a short-lived user access token to query this
endpoint, the page access tokens obtained are short-lived as well.
Exchange the short-lived user access token for a long-lived access
token using the endpoint and steps explained earlier. By using a
long-lived user access token, querying the [User ID]/accounts endpoint
will now provide page access tokens that do not expire for pages that
a user manages. This will also apply when querying with a non-expiring
user access token obtained through the deprecated offline_access
permission.