Reputation: 281
I'm trying to use the Facebook Graph API to grab photo albums from Facebook and place them on a website I'm working on. I am using PHP as my language with the Codeigniter framework and am redirecting to a Facebook URL to get an access token for the user. Facebook returns an access token to me and I grab it and insert it into my database.
That being said, when I try to grab the JSON data for the photo album by going to to a the graph URL, it returns an error. The graph URL and error are:
https://graph.facebook.com/1298926000574/photos?access_token=[MY ACCESS TOKEN]
My access token: AQBxqdB64GHNTGY5Yp_IOuMY7NerwNtXVVrp2HwT1qXj02zqU-63KJDyB2jzqurlJ4M0vd7TAu7upA6T7ZYQzIChr2PgD1dpu-6Iebi0WVILbBSBOu-yj7sgcHSGS-Ew4Yio0I9In-1O5jOxbYLDMbI0Zmwk-F1-u-7a8iVvTJram8PvpmdRt5eg
Returned error:
{
"error": {
"message": "Malformed access token [MY ACCESS TOKEN]",
"type": "OAuthException",
"code": 190
}
}
I'm really unsure why Facebook keeps returning this error to me. The access token is quite long and I'm storing it in my database as a "text" field. I followed their instructions and now they are shooting me in the foot. Any help would be much appreciated.
Upvotes: 28
Views: 34500
Reputation: 31201
The access token should consist of your app id and your access token with a pipe (|
) character between them: 123456789012345|AbCDefGHijKLMNOpqRSTUVwxYZ
.
Note: In this tutorial I use only dummy credentials. They will be in the same style as real ones would be but their exact value is just a series of incremented numbers or characters. Never post your actual credentials online!
Requirements:
123456789012345
ZYxwVUTSRqpONMLKjiHGfeDCbA
If you follow the access token creation guide you will find this URL where you can create one:
GET /oauth/access_token?client_id={app-id}&client_secret={app-secret}&grant_type=client_credentials
If we insert in our dummy credentials the GET request's URI should look like this:
http://graph.facebook.com/oauth/access_token?client_id=123456789012345&client_secret=ZYxwVUTSRqpONMLKjiHGfeDCbA&grant_type=client_credentials
The response will be:
{
"access_token": "123456789012345|AbCDefGHijKLMNOpqRSTUVwxYZ",
"token_type": "bearer"
}
The access token consists of your app id followed by a pipe (|
) then the string that could be called the actual access token.
Requirements:
123456789012345|AbCDefGHijKLMNOpqRSTUVwxYZ
1234567890
In this example I will follow the official facebook guide on sending notifications. They showed this template:
POST /{recipient_userid}/notifications?access_token=... &template=...&href=...
That means, after you fill in your credentials an example POST request should look like this:
http://graph.facebook.com/1234567890/notifications?access_token=123456789012345|AbCDefGHijKLMNOpqRSTUVwxYZ&template=Test&ref=notif_test
Upvotes: 1
Reputation: 1470
I had this same problem and I found this post searching for a solution. I noticed that 'our' access token had a lot of odd symbols, while others are just an Alphanumeric string.
I believe that the mistake you (and I) made was mixing the code with the access_token
After sending the facebook user to your api to confirm access, they get returned to your website with $_GET['code']
. This code needs to be verified with Facebook, who will return the access_token on success.
$app_id = [YOUR_APP_ID];
$app_secret = [YOUR_APP_SECRET];
$my_url = [THE_SAME_AS_THE_POST_BEFORE];
$code = $_GET['code'];
$token_url = "https://graph.facebook.com/oauth/access_token?"
. "client_id=" . $app_id . "&redirect_uri=" . urlencode($my_url)
. "&client_secret=" . $app_secret . "&code=" . $code;
$response = file_get_contents($token_url);
$params = null;
json_decode($response, $params);
$access_token = $params['access_token'];
More info about fetching an access_token with PHP
More info about using the correct redirect_uri
Upvotes: 72
Reputation: 31250
You are sending code
instead of access_token
in your request.
The solution for Laravel Socialite users:
Use:
$response = Socialite::driver($provider)->getAccessTokenResponse($request['code']);
$user = Socialite::driver($provider)->userFromToken($response['access_token']);
Instead of:
$user = Socialite::driver($provider)->user();
Upvotes: 1
Reputation: 10887
As error says it's malformed exception means error in formatting the request
.
https://graph.facebook.com/me/photos/?access_token=[your_accesstoken]
So it would be like
https://graph.facebook.com/me/photos/?access_token=AQBxqdB64GHNTGY5Yp_IOuMY7NerwNtXVVrp2HwT1qXj02zqU-63KJDyB2jzqurlJ4M0vd7TAu7upA6T7ZYQzIChr2PgD1dpu-6Iebi0WVILbBSBOu-yj7sgcHSGS-Ew4Yio0I9In-1O5jOxbYLDMbI0Zmwk-F1-u-7a8iVvTJram8PvpmdRt5eg
Upvotes: -1
Reputation: 647
One wp plugin was returning same error, and this was the solution, it may be related to your problem:
Php requests the access_token, and facebook servers return it.
The returned message containing access_token USED to be a like:
access_token=.......
But for newly created applications (2012), facebook servers return:
access_token=.....&expires=.....
If your code is parsing this wrongly, as in
$access_token=str_replace('access_token=','',$message);
then your $access_token wrongly contains the extra &expires etc.
it should be parsed like:
parse_str($message,$ar); $access_token=$ar['access_token'];
Upvotes: 3
Reputation: 33
I had the same problem. Figured how it's working and here's for anyone who's sinking in the same mud.
require 'facebook-php-sdk/facebook.php';
$facebook = new Facebook(array(
'appId' => 'APP ID',
'secret' => 'SECRET KEY',
));
// Get User ID
$user = $facebook->getUser();
if ($user) {
$accessToken = $facebook->getAccessToken();
try {
$url = "https://graph.facebook.com/1298926000574/photos?access_token=".$accessToken;
$photos = $facebook->api($url);
var_dump($photos);
} catch (FacebookApiException $e) {
$user = null;
}
}
} else {
//echo "You need to login";
header("Location:".$facebook->getLoginUrl());
}
Upvotes: 2