I am working through the examples on the Facebook developer pages. I am using their example code.
As per the example code, when I try to perform
$token_url = "https://graph.facebook.com/oauth/access_token?" .
"client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url) .
"&client_secret=" . $app_secret .
"&code=" . $code;
$response = file_get_contents($token_url);
I get a HTTP 400 error. Now, I know my URL is fine, because manually going to that address works, and returns the access code as expected. I can then use this access code in the GRAPH API explorer to make posts without error.
I can get contents of other HTTPS resources, without any issue.
Googleing and searching the FB dev forums has gotten me nowhere, just people saying "your URL is wrong fix it" but I have no spaces or fancy characters anywhere in my URL so at a total loss as what to do here.
TIA.
Related
I'm following the steps very well described here https://stackoverflow.com/a/18399927/2510225 , but, from my server, I receive the following error:
{"error":{"message":"The access token does not belong to application APP-ID","type":"OAuthException","code":1}}
I can't figure what I'm doing wrong. Anyone knows if the process to get a permanent access token has changed, or is having the same issue?
The access token I'm using in the request is the user access token, which I think is correct.
In other words, I'm using this:
GET /oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
With the app_id and app_secret of the app I want to publish on a page and the short-lived-token of the user that have created the app. Is that the right way?
Edition (Image to complement answer from #Sahil Mittal)
That's where I'm taking the API_ID (red arrow). That's correct, right?
Ok, That's how I've solved this, combining both solutions given [here][1] with some tries. :
1) Associate the app with the page (It was probably done)
http://facebook.com/add.php?api_key=_APP_ID&pages=1&page=_PAGE_ID
2)Take the CODE given here:
https://graph.facebook.com/oauth/authorize?client_id=_APP_ID_&scope=manage_pages&redirect_uri=http://www.facebook.com/connect/login_success.html
There will be a very fast output on the URL box of your browser, copy that fast. This output should be like this
https://www.facebook.com/connect/login_success.html?code=1234546bigstringwithlotsoflettersandnumbersdfdarsd#_=_
3)Use the CODE to take the short lived access token of the USER (I guess it can be the same get with the Graph API Explorer))
https://graph.facebook.com/oauth/access_token?client_id=_APP_ID_&redirect_uri=http://www.facebook.com/connect/login_success.html&client_secret=_APP_SECRET_&code=_CODE_
4)Convert the short lived access token to a long lived access token (user yet):
https://graph.facebook.com/oauth/access_token?client_id=_APP_ID_&client_secret=_APP_SECRET_&grant_type=fb_exchange_token&fb_exchange_token=_SHORT_LIFE_ACCESS_TOKEN_
You can check if this access token is long lived in
https://developers.facebook.com/tools/debug/accesstoken
4) Go to Graph API Explorer (https://developers.facebook.com/tools/explorer), click on the "X" to clear the access token box, and fill in the long access token that you created in the previous step.
5) On the box bellow, choose /ACCOUNT/, to see all the pages of the user this access token is related with. The acess token of these pages are never expired access token, which can be verified in https://developers.facebook.com/tools/debug/accesstoken
That's how it worked for for me.
You forgot to replace APP-ID with the relevant App ID.
You can get the same from the app settings
To get the short-lived-token:
if(empty($code))
{
$dialog_url= "http://www.facebook.com/dialog/oauth?"
. "client_id=" . $APP_ID
. "&redirect_uri=" . urlencode( $post_login_url)
. "&scope=publish_stream,email";
echo("<script>top.location.href='" . $dialog_url . "'</script>");
}
else
{
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $APP_ID
. "&redirect_uri=" . urlencode( $post_login_url)
. "&client_secret=" . $APP_SECRET
. "&code=" . $_REQUEST["code"];
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$access_token = $params['access_token'];
}
I am working on a Facebook application and I am having trouble sending notifications to users of my app. I reviewed the answers to similar questions on this site and I consulted the Facebook SDK page and tried to apply the following strategy:
<?php
$app_id = YOUR_APP_ID;
$app_secret = YOUR_APP_SECRET;
$token_url = "https://graph.facebook.com/oauth/access_token?" .
"client_id=" . $app_id .
"&client_secret=" . $app_secret .
"&grant_type=client_credentials";
$app_access_token = file_get_contents($token_url);
$user_id = THE_CURRENT_USER_ID;
$apprequest_url ="https://graph.facebook.com/" .
$user_id .
"/apprequests?message='INSERT_UT8_STRING_MSG'" .
"&data='INSERT_STRING_DATA'&" .
$app_access_token . "&method=post";
$result = file_get_contents($apprequest_url);
echo $result;
?>
All I get is an error on my second call to file_get_contents. The error states:
failed to open stream: HTTP request failed! HTTP/1.0 403 Forbidden\r\n
Can anyone give me an idea of what's going on? My first request to graph.facebook.com worked just fine.
Check Facebook is doing OK: Does Facebook Platform Live Status have any relevant information?
Check you have no connection issues with facebook.com in HTTPS: Can you open the URL of the social graph for Facebook Platform's page in your browser?
Check again if the actual URL you're trying to access works and the URL is correct.
Come back here and update the question with the problematic URL and the exact method you're trying to access, or contact Facebook Platform support.
stolen from Facebook graph api doesnt response
I only get this error on mobile devices. The redirect to the login works correctly and the user is redirected back to the app correctly. I get no error. Then, if I access the app a second time (seconds after the first use) file_get_contents throws back a 400 bad request - here's the code - help HIGHLY appreciated :-)
$code = $_REQUEST["code"];
if(empty($code)) {
$my_url = 'https://m.facebook.com/apps/'.$app_id.'/?sid='.$surveyid.'&country='.$country;
$dialog_url = "https://www.facebook.com/dialog/oauth?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url) . "&scope=user_birthday";
echo("<script> top.location.href='" . $dialog_url . "'</script>");
exit();
}
$my_url = 'https://m.facebook.com/apps/'.$app_id.'/?sid='.$surveyid.'&country='.$country;
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$graph_url = "https://graph.facebook.com/me?access_token="
. $params['access_token'];
$user = json_decode(file_get_contents($graph_url));
$me['id']=$user->id;
$me['gender']=$user->gender;
$me['first_name']=$user->first_name;
$me['last_name']=$user->last_name;
$me['birhtday']=$user->birthday;
Have you checked if the session is available the second time?
I see that the session variable might be missing
Then, if I access the app a second time (seconds after the first use) file_get_contents throws back a 400 bad request
Had you used the PHP SDK instead of doing requests against the API “manually”, you would’ve gotten an exception with an error message that should have explained what’s going on – please consider using it in the future, it makes a lot of things easier, including debugging.
As for the current problem, it looks like you are trying to exchange the code parameter for a new access token every time – but this will not possible any more in the future, see https://developers.facebook.com/roadmap/#december-2012, “New security restrictions for OAuth authorization codes”:
We will only allow authorization codes to be exchanged for access tokens once
For newly created apps, this migration is enabled by default – you can disable it for now, and it should be working as expected. But after Dec 5th 2012, you’ll have to have a solution that works without trying to exchange the code for an access token multiple times.
I just created a Facebook App and I want to:
1. user logs in --> browse and select video --> upload to own wall.
I have a bit of code from Facebook Dev. examples, but I get an error.
After reading and error nature, I can imagine my problem is somewhere here:
CODE:
$token_url = "https://graph.facebook.com/oauth/access_token?client_id="
. $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret
. "&code=" . $code . "&type=client_cred";
$access_token = file_get_contents($token_url);
ERORR:
{
"error": {
"message": "An active access token must be used to query information about the current user.",
"type": "OAuthException",
"code": 2500
}
}
any ideas?
Thanks!
It looks like the access token you have isn't valid for the current user.
Must first redirect to FB to get the token using your app id:
$dialog_url = "http://www.facebook.com/dialog/oauth?client_id=".YOUR APP ID."&redirect_uri=".urlencode(YOUR CALLBACK URL).'&scope=email,publish_stream';
Updated
It's likely that you haven't request enough permissions, see the scope parameter, you will need the have permission to publish_stream in order to post a user story.
After you have this code, you need to grab the actual app access token by making arequest to a URL which is something like:
$token_url="https://graph.facebook.com/oauth/access_token?client_id={APP ID}&redirect_uri=".urlencode(CALLBACK)."&client_secret={SECRET}&code=$code";
Hi Im trying to write a facebook application that will post a photo to a users page. Ive pretty much word for word followed this tutorial.
but whenever I try and upload a photo I get this error:
{
"error": {
"type": "OAuthException",
"message": "A user access token is required to request this resource."
}
}
I beleive the problem is coming from this code as I'm sending the AppID, AppSecret and post_login_url (which are all correctly populated) however $response is completely blank:
$token_url= "https://graph.facebook.com/oauth/"
. "access_token?"
. "client_id=" . $app_id
. "&redirect_uri=" . urlencode( $post_login_url)
. "&client_secret=" . $app_secret
. "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
parse_str($response, $params);
$access_token = $params['access_token'];
Any help would be appreciated, as always im on a tight deadline
Thanks,
Doug
The Application Access token is used to make API calls on behalf of an app, your underlying issue is likely that the API call you're trying to make has to be made on behalf of a User and needs a user access token produced when a user authorises your app.
The code you have above should be fine for getting an App Access token