应用程序提供的访问令牌存在问题
我们最近推出了一款新应用程序,其中一个功能是如果用户喜欢某个特定页面,则提供折扣。我已经在多个帐户上成功测试了该功能,我们继续发布。我们使用图形 API 检索他们喜欢的所有页面的列表,并检查所需的页面是否在其中:
https://graph.facebook.com/me/likes?access_token=ACCESS_TOKEN
我们已经有一些用户联系我们并提醒我们即使在购买后他们也没有看到折扣d喜欢该页面。我们能够请求其中一个帐户的详细信息,并观察到以下情况。
当应用程序获得授权后,Facebook 会将它们发送到我们的网站,并在 HTTP 请求中包含访问令牌(我们为图形 API 调用提取该令牌)。
https://example.com/?ref=ts
POST /?ref=ts HTTP/1.1
...
Set-Cookie: fbs_uid=%22uid3D%26access_token%3[ACCESS_TOKEN_REMOVED]%26expires%3D1318381200%26sig%3Dd0b6fdf09befedf022cdea8b58887348%22; expires=Wed, 12-Oct-2011 01:00:00 GMT; path=/
所以你可以在那里看到访问令牌。奇怪的是,当我们尝试使用 Facebook 提供的访问令牌进行 API 调用时,它再次返回空结果(即使他们喜欢页面) - 这仅适用于某些帐户。更令人困惑的是,当我们以同一会话登录时进入 Facebook 开发者页面 (https://developers.facebook.com/docs/reference/api/) 并单击 /me/likes 链接时,我们得到用户喜欢的完整列表,但具有不同的访问令牌。
因此,为 Facebook 提供的访问权限似乎不足以提取数据。这只会影响某些帐户,而不影响其他帐户,所以我想知道是否存在某种形式的配置问题,但从我的立场来看,我看不到任何解决该问题的方法,因为 facebook 提供的数据似乎不正确。
使用 Facebook 提供的访问令牌,我们不会收到任何错误(即,我们不会收到“验证访问令牌时出错”的消息),因此访问令牌确实有效。
We recently launched a new app, and one of the features was to provide a discount if a user had liked a particular page. I had successfully tested the functionality on numerous accounts, and we went ahead with the launch. We used the graph API to retrieve a list of all pages they'd liked, and checked if the desired page was in there:
https://graph.facebook.com/me/likes?access_token=ACCESS_TOKEN
We've had some users contacting us and alerting us that they weren't seeing the discount even after they'd liked the page. We were able to request the details for one of those accounts, and observed the following.
When the app is authorised, Facebook sends them to our website with the access token in the HTTP request (which we pull for graph API calls).
https://example.com/?ref=ts
POST /?ref=ts HTTP/1.1
...
Set-Cookie: fbs_uid=%22uid3D%26access_token%3[ACCESS_TOKEN_REMOVED]%26expires%3D1318381200%26sig%3Dd0b6fdf09befedf022cdea8b58887348%22; expires=Wed, 12-Oct-2011 01:00:00 GMT; path=/
So you can see the access token in there. What's strange is that when we try to make the API call with the access token provided by Facebook, it returns an empty result (even though they've liked pages) again - this is only for certain accounts. What's even more confusing is that when we go to the Facebook Developers page while logged in as the same session (https://developers.facebook.com/docs/reference/api/) and click the /me/likes link, we get a complete list of the user's likes, but with a different access token.
So it appears that the access taken provided for Facebook is insufficient in pulling the data. This only affects certain accounts and not others, so I'm wondering if there's some form of configuration issue, but from where I stand I don't see any way of resolving it, since the data provided by facebook appears incorrect.
With the access token provided by Facebook, we don't get any errors (i.e. we don't get an "Error validating access token"), so the access token does validate.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
检查不起作用的访问令牌,看看 Facebook 对此有何评论。它可能会为您提供有关错误的线索。
https://developers.facebook.com/tools/lint
Lint your access token that is not working and see what Facebook has to say about it. It might give you clues as to what is incorrect.
https://developers.facebook.com/tools/lint