I ask for a Facebook access token with deprecate_offline_access turned on, and I get following response:
access_token=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX&expires=5183977
Does anybody know, what "expires" parameter means? It's value is not timestamp...
I would like to know when the token expires, how could I do this?
Thank you.
The "expires" parameter is just the time remaining from the time of request until the expiration time. It should be read as "expires in 5183977 seconds from time of request".
5183977 seconds = 59.9997337962963 Days.
and answer to your last question 'what will I get if token is expired? will I get exception or just expired=0?'
you will get notification before token expire. If it is already expired (for mainly different reasons explained in facebook developer documentation) you have to re0auth the app and have to get new access token which will be again valid for next 60 days.
Related
I am working with old version of Facebook access_token endpoint. But i cant find description of expires value returned by the server..
The value is: 5183764
What is it? Seconds token expires in? I have tried to convert the current Linux epoch time + returned into date and the token would expire in October.. Is it OK?
What is it? Seconds token expires in?
Yes, it’s the seconds until the token expires. https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#exchangecode
I have tried to convert the current Linux epoch time + returned into date and the token would expire in October.. Is it OK?
About two month is the lifetime of an extended user access token, so yeah – that sounds o.k.
Question says it all. I couldn't find anywhere in the API that states what happens when it expires. Do you have to open that "Works with Nest" webpage again and get a new authorization code? Or, using the same authorization code, just get a new token? And how will Nest indicate the token has expired?
Expiration date comes back in the OAuth response and is set to 10 years in the future, which is practically forever. That gives Nest quite a few years to come up with a refresh or expiration story.
is there a way to get longer token expiration time, or some kind of "permanent" token for client application ( Similarily as in DropBox API's)
SInce there seems to be problems with resumable upload to google drive when token expires, this could help in this situation ?
or is there just a way to define the token validity time to be bigger than 1 hour
br. Jarno
No accessTokens are only good for 1 hour. But you have a refreshToken that was returned along with your accessToken. You can use that to get a new AccessToken when the first one has expired.
Options:
Test either the expire time to see if its getting close to expireing and get a new one before it expires.
Wait until you get the error that says it has expired. Then request a new AccessToken
Personaly I like to get a new one 5 minutes before my AccessToken expires then I avoid an error from the google servers.
Just read about the offline_access permission being removed and therefore having the new system of "extended access tokens".
My problem is that i'd like to save the expiration timestamp to take care that the saved access tokens are always valid, but the Documentation doesn't provide a time that the extended token is valid for.
Does anyone have more information regarding that?
It'd be interesting to know if they long-living tokens are valid for days, weeks or months.
When you use the new endpoint which is explained in the post you linked to:
https://graph.facebook.com/oauth/access_token?
client_id=APP_ID&
client_secret=APP_SECRET&
grant_type=fb_exchange_token&
fb_exchange_token=EXISTING_ACCESS_TOKEN
The response will have this form:
access_token=xxxxx&expires=yyyyy
The expires param is what you are after I believe.
Long lived tokens are good for 60 days, and you can check tokens (for debugging) with the Debug Tool which will tell you everything you need to know about the token.
Edit
A few more things.
The "expires" parameter gives you the time left until expiration, so the expiration time is timestamp of now + expires.
It's easy to check this with out the need to do any development, just create a fb app (if you don't have one), go to the Access Token Tool and copy the user token from your app, then using curl make a request to the new endpoint.
As for extending the long lived tokens, there's no way to do that, you'll need to re-authenticate the user after that, as it states in the same post:
If you pass an access_token that had a long-lived expiration time, the
endpoint will simply pass that same access_token back to you without
altering or extending the expiration time
Another point is that you can get long lived access tokens by using the Server-Side authentication flow, but those too can not be extended.
It only returns back access_token not
access_token=xxxxx&expires=yyyyy as mentioned above.
Atleast that is what I can see...
I am a little confused about calculating the time until the access token expires.
I am using server authentication (http://developers.facebook.com/docs/authentication/server-side/).
When I get the authentication code from the Facebook's request to my redirect URL, I send an authentication request back to Facebook and I get the access token along with 'expires' parameters, lately I could see that the expires is a long value that represents the time in seconds until the token expires. For some reason I think it used to be time in miliseconds.
Can I assume that the expiration time is now + expires (in seconds) - it seems to me too long (about ~5109691 seconds) - does it make sense?
Thank you for your help.
Server authenticated access tokens are valid for two months.
The value you are receiving is correct.
Edit:
https://developers.facebook.com/roadmap/offline-access-removal/
Read the 'Server-side OAuth Developers' section.