Access token in my db

Question

so if I want to catch errors with expired access token, I have to check this out https://developers.facebook.com/blog/post/2011/05/13/how-to--handle-expired-access-tokens/ and ok, but its a lil bit unclear.

  // known valid access token stored in a database 
  $access_token = "YOUR_STORED_ACCESS_TOKEN";

so I have to keep last users access token in my db ?

  $code = $_REQUEST["code"];

  // If we get a code, it means that we have re-authed the user 
  //and can get a valid access_token. 
  if (isset($code)) {

so if I get $_REQUEST["code"] it means that user has access token ?

My app prints users likes, and if e.g user changes password, i have to get new access token. How should i valid these tokens ? facebook docs are really unclear for me in THIS case ;/

Answer 1

You can do it via exception handling. If your access token is expired or it is invalid it will throw you an error and give you below mentioned message.

public function getUserInfo($access_token)
    {    
               try {
                        $user_info = $this->facebook->api(
                       '/me',
                       'GET',
                               array('access_token' =>$access_token)
                    );
                    } 
                    catch(Exception $e){
                        $message = $e->getMessage();
                            if ((strpos($message, 'Error validating access token') !== false) ||
                                (strpos($message, 'Invalid OAuth access token') !== false) ||
                                (strpos($message, 'An active access token must be used') !== false)
                            ) {
                                echo 'Your custom Message';
                            }
                    }
}

You can pass your access token in to your function and than you check do like above exception handling.

Hope it helps you.

By this way you can get extended access token

 /**
     * Getting User Acess Tocken , extended it and save it in to database......
     */
    public function getAccessToken($user_id,$fb_account_id)
    {
         $access_token=$this->facebook->getAccessToken();               
         $extended_access_token=$this->getExtendedAccessToken($access_token);                
        /** 
         * To save Access tocken and other necessary option
         */  
        $usr_bus_model = new Application_Model_UserBusinessAccounts;                
        $usr_bus_model->loadAccount($user_id,'Facebook',(int)$fb_account_id,false);         
        $usr_bus_model->details=$extended_access_token;
                if(!empty($extended_access_token))
                {
                    $usr_bus_model->status= 'active';
                }
        $usr_bus_model->save();

        return $extended_access_token;
    }

    public function getExtendedAccessToken($access_token)
        {       

            $token_url="https://graph.facebook.com/oauth/access_token";
            $params=array('client_id'=>self :: appId,'client_secret'=>self :: appSecretId,'grant_type'=>'fb_exchange_token','fb_exchange_token'=>$access_token);

              $response = $this->curl($token_url,$params);
              $response = explode ('=',$response);
              $response = explode ('&',$response[1]);
              $response = $response[0];       
              return $response;

        }

I've made above two function. So whenever you need to use access token just call the extended access token also and save this in to your db. So Your access token will never expire.