This topic is extremely hard to Google for because of some unfortunate terminology choices, so here's a quick clarification before I ask my question:
Facebook accounts (i.e. a person's top-level, personal account) can have sub accounts (companies, brands, celebrities, etc) which Facebook unfortunately calls "accounts". The endpoint for interacting with these "accounts" is at [user id]/accounts. For the purposes of this question, I'll refer to these as "sub-accounts"
FACEBOOK STATEMENTS & ACTUAL OBSERVATIONS:
Facebook, in this post (https://developers.facebook.com/roadmap/offline-access-removal/), says a few things:
That there are two types of access_tokens: "the long-lived user access_token will be valid for 60 days while the short-lived user access_tokens are currently valid from 1 to 2 hours" ACTUAL OBSERVATION: Seems true. My app only does server-side, so I can't confirm the short type.
"if the access_token is generated from a server-side OAuth call, the resulting access_token will have the longer expiration time by default" ACTUAL OBSERVATION: My server-side app does produce longer, 60-day expirations.
"When requesting an extended access_token from... https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXISTING_ACCESS_TOKEN ...if you pass an access_token that had a long-lived expiration time, the endpoint will simply pass that same access_token back to you without altering or extending the expiration time" ACTUAL OBSERVATION: This is not true in my case. When I pass the original 60-day token, I get a different token back. Furthermore, the new, different token does not work at all. The FB endpoint returns an authentication failure when attempting to use it.
"When a user grants an app the manage_pages permission, the app is able to obtain page access tokens for pages that the user administers by querying [User ID]/accounts... By using a long-lived user access token, querying the [User ID]/accounts endpoint will now provide page access tokens that do not expire." ACTUAL OBSERVATION: The page access tokens my app retrieves (using the original, root, 60-day token) ARE expiring after 60 days when they should be infinite. Per #3, I can't try this with the new, different (supposedly extended) access token because it is invalid.
QUESTIONS:
My server-side request produces tokens that are valid for 60 days. Requesting an extended token should echo the same token back, but doesn't. Why not?
The new, different token I'm getting back doesn't work at all. Why not?
If the original access tokens my app gets are the long, 60-day type, then the PAGE access tokens I retrieve with them should be non-expiring. But they do expire. Why?
Any help would be much appreciated!!!
Note to moderators: Before disabling this question for not being "code-oriented" enough, Facebook points all questions to Stack Exchange. https://developers.facebook.com/support/ If I can't ask this question here, then where would I ask it?
UPDATE: The officially-supported way of checking a token for validity is as follows:
graph.facebook.com/debug_token?
input_token={token-to-inspect}
&access_token={app-token-or-admin-token}
When I use this method, the app tokens I've got for my users show an expiration of "0" as they should. So I guess they are infinite. It's impossible for me to know for sure until 60 days have passed whether FB is telling the truth with "expires":0;