Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Merge pull request #24 from mattwkelly/master

Added ability to extend tokens
  • Loading branch information...
commit 1270f0debaab3b93d683a9817c7adbc7e9e5cdc0 2 parents 42481fa + f336af0
@mattwkelly mattwkelly authored
Showing with 43 additions and 0 deletions.
  1. +43 −0 src/base_facebook.php
View
43 src/base_facebook.php
@@ -344,6 +344,49 @@ public function setAccessToken($access_token) {
}
/**
+ * Extend an access token, while removing the short-lived token that might
+ * have been generated via client-side flow. Thanks to http://bit.ly/b0Pt0H
+ * for the workaround.
+ */
+ public function setExtendedAccessToken() {
+ try {
+ // need to circumvent json_decode by calling _oauthRequest
+ // directly, since response isn't JSON format.
+ $access_token_response = $this->_oauthRequest(
+ $this->getUrl('graph', '/oauth/access_token'),
+ $params = array(
+ 'client_id' => $this->getAppId(),
+ 'client_secret' => $this->getAppSecret(),
+ 'grant_type' => 'fb_exchange_token',
+ 'fb_exchange_token' => $this->getAccessToken(),
+ )
+ );
+ }
+ catch (FacebookApiException $e) {
+ // most likely that user very recently revoked authorization.
+ // In any event, we don't have an access token, so say so.
+ return false;
+ }
+
+ if (empty($access_token_response)) {
+ return false;
+ }
+
+ $response_params = array();
+ parse_str($access_token_response, $response_params);
+
+ if (!isset($response_params['access_token'])) {
+ return false;
+ }
+
+ $this->destroySession();
+
+ $this->setPersistentData(
+ 'access_token', $response_params['access_token']
+ );
+ }
+
+ /**
* Determines the access token that should be used for API calls.
* The first time this is called, $this->accessToken is set equal
* to either a valid user access token, or it's set to the application
Please sign in to comment.
Something went wrong with that request. Please try again.