1
votes

I'm using Facebook SDK v5 for PHP and I'm trying to get long-lived USER access token.
I'm getting it, makes long-lived once and save to my database, then I go to another page where I use it to get accesstoken to Facebook PAGE. To this point everything goes fine. Then I refresh my page, and User AccessToken has ["expiry at"] set to 1970-01-01.
I have no idea what is happening, because I don't rewrite this access token in database. And the most wired thing is that, this token works with facebook. So there is my code and response before and after refreshing.

$config = array();
        $config['app_id'] = xxx
        $config['app_secret'] = xxx
        $config['fileUpload'] = false;        
        if(!empty(tokenFromDatabse)){            
            $config['default_access_token'] = tokenFromDatabse;
        }        
        $fb = new Facebook($config);
        $oAuth2Client = $fb->getOAuth2Client();
        if(!empty(tokenFromDatabse)){
            try{    
                $tokenMetadata = $oAuth2Client->debugToken($fb->getDefaultAccessToken());
                $tokenMetadata->validateAppId($config['app_id']);
                $tokenMetadata->validateExpiration();
                }

It's just all what that action do, there is of course catch code. And now, first response from facebook is:

object(Facebook\Authentication\AccessTokenMetadata)#689 (1) {
  ["metadata":protected]=>
  array(7) {
    ["app_id"]=>
    string(15) "xxx"
    ["application"]=>
    string(13) "Local_app"
    ["expires_at"]=>
    object(DateTime)#691 (3) {
      ["date"]=>
      string(26) "2015-10-20 16:07:56.000000"
      ["timezone_type"]=>
      int(3)
      ["timezone"]=>
      string(13) "Europe/Berlin"
    }
    ["is_valid"]=>
    bool(true)
    ["issued_at"]=>
    object(DateTime)#692 (3) {
      ["date"]=>
      string(26) "2015-08-21 16:07:56.000000"
      ["timezone_type"]=>
      int(3)
      ["timezone"]=>
      string(13) "Europe/Berlin"
    }
    ["scopes"]=>
    array(3) {
      [0]=>
      string(12) "manage_pages"
      [1]=>
      string(13) "publish_pages"
      [2]=>
      string(14) "public_profile"
    }
    ["user_id"]=>
    string(15) "xxx"
  }

And after refresh looks like that:

object(Facebook\Authentication\AccessTokenMetadata)#689 (1) {
      ["metadata":protected]=>
      array(7) {
        ["app_id"]=>
        string(15) "xxx"
        ["application"]=>
        string(13) "Local_app"
        ["expires_at"]=>
        object(DateTime)#691 (3) {
          ["date"]=>
          string(26) "1970-01-01 01:00:00.000000"
          ["timezone_type"]=>
          int(3)
          ["timezone"]=>
          string(13) "Europe/Berlin"
        }
        ["is_valid"]=>
        bool(true)
        ["issued_at"]=>
        object(DateTime)#692 (3) {
          ["date"]=>
          string(26) "2015-08-21 16:07:56.000000"
          ["timezone_type"]=>
          int(3)
          ["timezone"]=>
          string(13) "Europe/Berlin"
        }
        ["scopes"]=>
        array(3) {
          [0]=>
          string(12) "manage_pages"
          [1]=>
          string(13) "publish_pages"
          [2]=>
          string(14) "public_profile"
        }
        ["user_id"]=>
        string(15) "xxx"
      }
1
Possibly a bug subscribe to this bug developers.facebook.com/bugs/111761385842972Skyyy

1 Answers

0
votes

Extended page access tokens do not have any default expiry at all. And due to implementation details, a user access token used to request an extended page access token becomes valid “indefinitely” as well.

So the expiry value will be 0, null or something like that. And when formatted as a date, that becomes 1970-01-01, since that is the begin of the unix epoch.