facebook access token is invalid - trying to post to facebook website-“page” via app using a cron

问题

I am trying to post to my website's Facebook fan-page via a cron on my server.

I created a user on Facebook named "John Doe", i made him admin on my website's Facebook fan-page and then i created an app from that user in sandbox mode, so only he, "John Doe" can "run" it.

I gave the necessary permissions to my app from "John Doe" who runs it.

I can manually get the access tokens through developers.facebook.com and use them to post from my php cron script to my website's Facebook fan-page through "John Doe"'s app.

The problem is, that in order for this to work, my "John Doe" facebook user must be logged-in.

What should i do so my website php cron script has always automatically valid access token so it can post to website's Facebook fan-page successfully via the application which the administrator "John Doe" is using and has allowed access?

Right now i manually log-in to facebook as "John Doe" and i am copy-pasting the access token from developers.facebook.com to my php script and it works.

(Succesfull posts in my website's Facebook fan-page are shown like "m-y-w-e-b-s-i-t-e shared a link via m-y-a-p-p" so i am pretty sure that apart from the access-tokens everything else is ok)

Thank you in advance

回答1:

This question is very similar to my own question and I've spent 2 days trying to solve this. The solution is super simple.

1. Set your app to Native/Desktop so you can get a 60-day token (you'll turn this to permanent later). Do this by going to https://developers.facebook.com/apps/ Edit settings > Advanced > Choose Native/Desktop in the App type.

2. Go to https://developers.facebook.com/tools/explorer/ select your app, and Get Access Token

3. In the Extended Permissions tab, select manage_pages and publish_stream

4. Now you have a 60-day temporary token.

5. To get your permanent token, go here and use your temporary token: https://graph.facebook.com/me/accounts?access_token=REPLACE_THIS_WITH_YOUR_TEMPORARY_TOKEN

You should see permanent access token to all Facebook pages which you are an admin

回答2:

See https://developers.facebook.com/docs/roadmap/completed-changes/offline-access-removal/ - specifically Scenario 5 -

1. Use the server-side Oauth flow (see the Login docs for details) to obtain the access token for the page admin (which has manage_pages permission)

2. Retrieve the Page Access token you retrieve from /me/accounts or /<PAGE ID>?fields=access_token.

This Page access token will have infinite expiry, meaning it won't expire unless unless the user stops being an admin of the page, removes your app, kills all their app sessions, etc.

来源：https://stackoverflow.com/questions/13364131/facebook-access-token-is-invalid-trying-to-post-to-facebook-website-page-via