I use accounts-facebook in Meteor 1.4.3.2 to allow my app's users to log in via Facebook. The app also makes other Facebook API calls using the Facebook token accounts-facebook stores in the user document.
Sometimes, when I try to make a call, I get an error:
{
message: 'Error validating access token: Session does not match current stored session. This may be because the user changed the password since the time the session was created or Facebook has changed the session for security reasons.',
type: 'OAuthException',
code: 190,
error_subcode: 460,
fbtrace_id: '...'
}
Facebook says users will need to log in again. I built a flow to fix this problem. When we get a 190/460, we set the services.facebook.accessToken property in their user document to false and email them a link to a page with a "Refresh Facebook Login" button which simply logs them in to the app again via Facebook.
The flow appears to work. I can see the accessToken gets set to false. When I click through on the link in the email and then click the "Refresh" button, I get a token that is different from the previous token. However, when the app tries to make another FB API request, it gets the same 190/460 error with the new token.
If the fix for 190/460 is to have the user log in again, why do I continue to get the error after the user has refreshed the token?
I had a similar issue and solved it going to Facebook developer page
-> Messenger option from the left menu
-> Configuration
then scroll to "access tokens", click "generate token" button and copy that token to your code.
For example in php looks like
$accessToken = 'EAAKHOkhtsDABAJgyp....';
Related
i'm encountering an issue with Facebook login, short context:
We have our auth service in scala
We use a connect.app in vuejs to call our auth service
Facebook login was working like 6 month before
i noticed that Facebook removed our API access due to lack of privacy policy link
i changed the privacy link and clicked on " restore access"
I checked AP ID and Secretkey on our env and it's correct
When i try to login with facebook, i get this message issue on click
Then when i click on "okay" i have more info about error : Invalid value for: query parameter state.
I don't know what i should do to make it works again.
Thanks in advance for your friendly help.
i wrote a very simple function that send some text to a fb app that just post the sended text as post as page where im the admin too.
im using a plugin for laravel that use the longterm fb token as authorization for publish.
unitll now everything works nice, but the post was visible just to me due the developing mode on the app. Today I turn it as pubblic, but i dont works anymore! thats is the error message raised by my plugin:
Exception {#323 ▼
#message: "Graph returned an error: (#200) Requires either publish_to_groups permission and app being installed in the group, or manage_pages and publish_pages as an admin ▶"
#code: 0
#file: "/home/natty/workspace/speechToTextStories/vendor/toolkito/larasap/src/Facebook/Api.php"
#line: 69
trace: {▶}
}
i didnt change anything on my code, and the "long term token" is still good as fb's debugger says. Maybe I touch something on the settings page of the app, but after i try to put again as before...but no results still erros.
On settings i got:
publish_pages
publish_to_groups
manage_pages
I try using this lib https://code.google.com/p/facebook-actionscript-api/,
but when I call FacebookDesktop.init("820024968051122",loginHandler);
I get error:
code: 2500
message: An active access token must be used to query information about the current user.
type: OAuthException
If I call FacebookDesktop.init("820024968051122",loginHandler,"test_user_token");
then all work fine, but where I get token if user is not log in?
Well buddy, you can read the documentation, where you can see that under init there is login method, stating: [static] Opens a new login window so the current user can log in to Facebook.
I've registered an Facebook-App and created a token with all permissions I need. Among them
manage_pages
read_mailbox
read_page_mailbox
Now I want to use the Facebook open graph API to read some data from my own FB-page. I want to read the private messages that the page received and that I sent to some of the fans on my pages behalf.
I know I can get all information by sending a http-request like this:
https://graph.facebook.com/{page-id}/{object}?access_token={token}
where {something} are placeholders for actual values. To give an working example, I can read the postings that appeared on my page by sending this request:
https://graph.facebook.com/141928949155955/posts?access_token={my secret token}
As I said, this works fine, since more than two years. (I just need to update the token from time to time)
But now I want to read the private conversations between the page and it's fans. I want to extract all conversations and insert them into a spreadsheet. I want to do it once, and maybe in 1 or 2 years again. I could extract them manually from the browser window by copy and paste for each conversation, but since there are so many conversations I think it costs less time to let a program do it for me.
If I understand Facebooks Documentation correct, then the keyword that I must use must be conversations. But I get this:
https://graph.facebook.com/141928949155955/conversations?access_token={secret token}
{
"error": {
"message": "(#210) Subject must be a page.",
"type": "OAuthException",
"code": 210
}
}
But 141928949155955 is a page. I don't know what I'm doing wrong. What is the correct request that I must send to receive a pages private conversations?
EDIT (June 16th):
I can read my personal conversations with this request:
https://graph.facebook.com/me/conversations?access_token={secret token}
But I don't want to read the conversations that I made as a person. I need those of one of my pages.
I found the solution for my problem. (Thanks kush, your answer helped a lot, but I want to add some more information)
My problem was that I misunderstood the error message "Subject must be a page." I thought that "Subject" refers to a part in the query string. But it refers to the token! A message like "Token must be a Page Access Token" would have saved me WEEKS of needless searching over a period of more than two years! How can you use a term like "Subject" when you nowhere define what "Subject" is?
So it was not the query string that was wrong. It was the type of the token!
Now here is the complete procedure to solve the problem (get a Page Access Token)
SOLUTION
Step 1
Get a User Access Token for your App that you can use later to get a Page Access Token
1.1 Go to Graph API Explorer https://developers.facebook.com/tools/explorer/
1.2 Select your App from the "Application:" drop down menu.
1.3 Click "Get Access Token".
1.4 From the tab "Extended Permissions" select "manage_pages".
Additionally select all permissions you need for the Page Access Token. (Although now you don't create a Page Access Token, just a User Access Token)
1.5 Click "Get Access Token".
1.6 Grant the permissions by clicking "OK".
In the field "Access Token:" you find now a Token that is an User Access Token. It is not a Page Access Token! This Token has all permissions you need to manage your page (including the permission "manage_pages"), but you can't use it to manage pages since it is the wrong type of token. You need this token only for one reason: To create a new token.
Step 2
Use the User Access Token you just got to create a Page Access Token
2.1 Enter "me/accounts" in the query field
2.2 Click "Submit"
You get a list of your pages, each with an "access_token" (which is now a Page Access Token). Each of this tokens did inherit the permissions from the User Access Token you used when you called "me/accounts".
This Page Access Token expires after one hour.
supplement
If you want a Page Access Token that never expires, do it this way:
A.1 Go to https://developers.facebook.com
A.2 From the drop down menu "Apps" select the App you want to use.
A.3 Click on "show" in the field "App Secret" (you need to enter your Facebook Password)
A.4 Open a new tab in your browser and there execute steps 1.1 to 1.6 from above to generate a short-lived User Access Token
A.5 Open a third Tab in your browser and there enter this string into the address field of your browser:
https://graph.facebook.com/v2.0/oauth/access_token?grant_type=fb_exchange_token&client_id={app-id}&client_secret={app-secret}&fb_exchange_token={short-lived-token} (do not press enter!) If this strings disappears when switching from one browser tab to another use any text editor to assemble the string and copy it later into the address field.
A.6 In this string replace {app-id} and {app-secret} by the values from the browser tab that still shows your Apps data.
A.7 Replace {short-lived-token} with the User Access Token you find in the field "Access Token:" from the Graph API Explorer.
(After this step there are no more curly brackets in the address string)
A.8 send this request (press Enter now)
Your browser window now shows a String with the fields "access_token" and "expires", separated by an ampersand ("&") which is not part of the token. This Token is a long lived User Access Token that will expire in two month.
A.9 Execute Steps 2.1 and 2.2 using the "access_token" from step A.8
The result is a Page Access Tokes with all permissions you selected in Step 1.4 and that never will expire.
Good luck!
Using page access token should help since you are reading from the page ..
Graph api node: GET me/accounts
me/accounts would give you the pages you are admin for and use access token coming in the page info dictionary.
you should get the following data from me/accounts
{
"data": [
{
"category": "Product/service",
"name": "Sample Page",
"access_token": "{page-access-token}",
"id": "1234567890",
"perms": [
"ADMINISTER",
"EDIT_PROFILE",
"CREATE_CONTENT",
"MODERATE_CONTENT",
"CREATE_ADS",
"BASIC_ADMIN"
]
},
}
Use page-access-token to access data from page as the page admin and thou shall receive data :) let me know if this works :)
A successful authorization would return an access token to your app, which you can then use to perform actions to the Facebook API. The error message displayed means you do not have a valid access token which means you probably did not authenticate the app correctly. I would put some logging on the onFacebookError and onError methods to see what the problem is.
Request Permission At Login time So Its Authentication Error
Permission List
https://developers.facebook.com/docs/facebook-login/access-tokens/
Set Permission Reference
https://developers.facebook.com/docs/android/login-with-facebook#permissions
I have a web page which asks the user to log in and then proceeds to get JSon via Graph for a particular Facebook group. It builds the Uri dynamically by taking the access_token that is returned after login. It works fine when I do this, but if I try to log in with a different account, no data for the feed is returned.
One hint in this problem is when the facebook dialog screen appears, it only asks for my username/password. It doesn't ask go to the usual screen where Facebook asks for you to give permissions for "Basic Information" etc. It's just a username/password screen and then I go straight in.
This is the login code:
function login()
{
FB.login(function (response)
{
if (response.authResponse)
{
// connected
var authResponse = response.authResponse;
access_token = authResponse.accessToken;
refresh();
} else
{
// cancelled
}
});
}
One hint in this problem is when the facebook dialog screen appears,
it only asks for my username/password. It doesn't ask go to the usual
screen where Facebook asks for you to give permissions for "Basic
Information" etc. It's just a username/password screen and then I go
straight in.
This is because you've already authorized the app, so once you login it will take you straight to the app.
It works fine when I do this, but if I try to log in with a different
account, no data for the feed is returned.
Well the limited view of code you posted is fine, so something else is the problem. First debug step is to get the access token for that different account, and check the debugger to see if its tied to the appropriate user and scope.