Extended access token from Facebook not working properly

Question

I am having trouble since Facebook has removed the offline_access permission.

Tried 2 things:

1. I am making the call as suggested by Facebook.

   https://graph.facebook.com/oauth/access_token?             
       client_id=APP_ID&
       client_secret=APP_SECRET&
       grant_type=fb_exchange_token&
       fb_exchange_token=EXISTING_ACCESS_TOKEN 
   

2. I also tried the Android SDK, which uses an intent to get an extended access token:

   intent.setClassName("com.facebook.katana", "com.facebook.katana.platform.TokenRefreshService");
   

At developers.facebook.com I set my app to "Native/Desktop".

I disabled the offline_access on the App settings as well.

I removed the old permissions from my Facebook account before trying.

Both methods provide me with 24 hour tokens. Maybe someone can help me with making the right call to get a 60 day token?

I saw quite a few bug reports about this issue, but also that they were solved. It looks like not in my case.

Answer 1

use following function to get extended access token: public function getExtendedAccessToken(){

try {
    // need to circumvent json_decode by calling _oauthRequest
      // directly, since response isn't JSON format.
    $access_token_response =
        $this->_oauthRequest(
            $this->getUrl('graph', '/oauth/access_token'),
            $params = array(    'client_id' => $this->getAppId(),
                                'client_secret' => $this->getApiSecret(),
                                'grant_type'=>'fb_exchange_token',
                                'fb_exchange_token'=>$this->getAccessToken(),
                          ));

} catch (FacebookApiException $e) {
  // most likely that user very recently revoked authorization.
  // In any event, we don't have an access token, so say so.
  return false;
}

if (empty($access_token_response)) {
  return false;
}

$response_params = array();
parse_str($access_token_response, $response_params);
if (!isset($response_params['access_token'])) {
  return false;
}

return $response_params['access_token'];

}

Answer 2

Assuming you are using the Facebook SDK, it allready has a method build in for exactly that.

facebook.extendAccessTokenIfNeeded(this, null);

this being the context and null being serviceListener.

You can use extendAccessToken as well, same principal

Answer 3

Have you tested to see if the token lasts more than 24 hours? According to the documentation, in some cases, only the expiration time is updated while the token remains the same:

The returned access_token will have a fresh long-lived expiration time, however, the access_token itself may or may not be the same as the previously granted long-lived access_token.