Rafał Sroka

Reputation: 40030

Problems with extending Facebook access token on iOS after the offline_access permission was deprecated

I'm trying to figure out how my iOS app should work after Facebook deprecates the offline_access permission. The docs are unclear, and I have read them all a couple of times.

What I'm trying to do is:

  1. I authorise my iOS app with FB:

    [_facebook authorize: [NSArray arrayWithObjects: @"email", @"publish_stream", @"user_birthday", nil]];

  2. Then, I request "me" from the Graph API to get the FB ID, because I need it:

    [_facebook requestWithGraphPath: @"me" andDelegate:self];

  3. Then in:

    -(void)request: (FBRequest*)request didLoad: (id)result

I check the expiration date of the token:

    if ([_facebook.expirationDate timeIntervalSinceNow] < 60*60*24) // 1 day
    {
        [self extendAccessTokenWithAppID:kFacebookAppID
                               appSecret:kFacebookAppSecret
                           existingToken:_facebook.accessToken];
    }

My method that extends the token simply contacts the endpoint which is described in the docs I mentioned at the beginning.

    -(void)extendAccessTokenWithAppID:(NSString*)appID appSecret:(NSString*)appSecret existingToken:(NSString*)existingToken
    {
        NSString *requestString = [NSString stringWithFormat:@"oauth/access_token?client_id=%@&client_secret=%@&grant_type=fb_exchange_token&fb_exchange_token=%@", appID, appSecret, existingToken];

        [_facebook requestWithGraphPath: requestString andDelegate: self];
    }

I handle the response in

    - (void)request: (FBRequest*)request didLoad: (id)result

but what I get is always the same token and the same expiration date that I passed to the endpoint. The expiration date is never extended and is just a short 1-2 hours (normal for a short-lived access token). This means that the token was not extended.

I have Remove offline_access permission set to Disabled.

Do you know what can be wrong in my approach? Thanks for any help!

P.S. I found similar questions on StackOverflow but none of the answers is working for me, e.g. Access Token expire time with offline_access permission

Update:

Enabling the Remove offline_access permission setting makes FB return only long-lived tokens. I tested this by creating a new FB account and logging in with this account in my app. I was given the long-lived token straight away.

With Remove offline_access permission disabled, FB gives me only short-lived access tokens, even if I try to extend the short-lived token using the endpoint provided in the docs. The endpoint returns the same token with the same expiration date.

The crucial problem is that I cannot test the scenario when FB gives me a short-lived access token and I contact the endpoint to extend it to a long-lived access token. Seems like FB developers are not ready for the feature they want to introduce.

Upvotes: 2

Views: 2392

Answers (1)

Igy

Reputation: 43816

Things to check which could be causing you problems here

  1. You have disabled offline_access in the advanced settings of your app
  2. You're using the most recent copy of the SDK. It's currently unversioned, but older copies won't support the access token extension
  3. You've configured SSO per the instructions in the docs
  4. You've waited until a user's token expires entirely - you may be getting 'new' short tokens because you're retrying, but once the token expires entirely, you should get a longer token the next time the user comes back

Upvotes: 1
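
The exchange call in the question sends `client_secret` from the iOS app, which means the app secret ships inside the binary; the same request can instead be made by a backend that holds the secret and receives only the short-lived token from the app. The following Python sketch is an added example, not the asker's or Facebook's code: it builds the same `oauth/access_token` request, parses the reply, and flags the "same token, same expiry" result described in the question. The helper names and the two accepted response formats (form-encoded and JSON) are assumptions.

```python
# Added example: server-side fb_exchange_token handling. Helper names are hypothetical.
import json
import time
from urllib.parse import urlencode, parse_qs

GRAPH_TOKEN_URL = "https://graph.facebook.com/oauth/access_token"

def build_exchange_url(app_id, app_secret, short_token):
    """Build the exchange request on the server, so app_secret never ships in the app."""
    query = urlencode({
        "client_id": app_id,
        "client_secret": app_secret,
        "grant_type": "fb_exchange_token",
        "fb_exchange_token": short_token,
    })
    return GRAPH_TOKEN_URL + "?" + query

def parse_exchange_response(body, now=None):
    """Return (token, expires_at). Accepts form-encoded or JSON bodies (assumed formats)."""
    now = time.time() if now is None else now
    body = body.strip()
    if body.startswith("{"):
        data = json.loads(body)
        if "error" in data:
            raise ValueError("exchange failed: %s" % data["error"].get("message", "unknown"))
        token, ttl = data["access_token"], data.get("expires_in")
    else:
        fields = parse_qs(body, strict_parsing=True)
        token, ttl = fields["access_token"][0], fields.get("expires", [None])[0]
    return token, (now + int(ttl) if ttl is not None else None)

def was_extended(old_token, old_expires_at, new_token, new_expires_at, min_gain=24 * 3600):
    """True only if the exchange produced a materially longer lifetime.
    Catches the case from the question: same token, same expiry."""
    if new_expires_at is None:  # lifetime not reported: cannot confirm an extension
        return False
    if new_token == old_token and new_expires_at <= old_expires_at:
        return False
    return new_expires_at - old_expires_at >= min_gain
```

The backend should return only the new token and its expiry to the app, and keep the full request URL out of access logs, since it contains both the secret and the user's token.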
