问题
Im making an app that returns various Facebook content and need to store a long term access token in a database. I'm aware that its not advisable to use the offline_access permission as it is being removed very soon.
The Facebook documentation itself seems very confusing... Theres a blog post from 2011 (https://developers.facebook.com/blog/post/2011/05/13/how-to--handle-expired-access-tokens/) that indicates how to handle invalidated access tokens when a user logs out, but:
1 - It's from 2011 meaning it was written long before these new 60-day tokens were introduced.
2 - It mentions the offline_access permission in the "user logout" section of the answer, which leads me to believe it cant be totally relied on when using this newer method.
I've seen many similar problems to mine, and all answers seem to direct to the above mentioned post, which isnt of any use to me (for the above listed reasons).
I've put in place the method to exchange tokens to 60 day tokens, and this appears to be working (until a user logs out - and invalidates the token).
However, im finding that some accounts (although very few) can log out and the token stays valid, while for others (most) logging out invalidates it.
Im wondering if there is perhaps some permission or setting that allows you "turn off" logging out invalidating access tokens?
来源:https://stackoverflow.com/questions/10146686/how-can-i-make-it-so-logging-out-doesnt-invalidate-my-facebook-access-token