down_load1117 2017-10-30 03:22
浏览 63
已采纳

Facebook将令牌作为哈希而不是查询字符串的一部分返回

I am using https://www.facebook.com/v2.10/dialog/oauth endpoint to get access tokens in order to publish on behalf of my users.

I am trying to follow this guide: https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/

My request looks like this: https://www.facebook.com/v2.10/dialog/oauth?client_id=...&response_type=code%20token%20granted_scopes&redirect_uri=...

And I am getting the following back: http://localhost:8000/?%2Fcallback&some=query#access_token=...&expires_in=6094

The question is why I am getting the token and expire_in as hash (notice the # above) instead of part of the query string so I can capture it by PHP's $_GET? And how can I fix that?

  • 写回答

1条回答 默认 最新

  • doq1969 2017-10-30 18:56
    关注

    The question is why I am getting the token and expire_in as hash (notice the # above) instead of part of the query string so I can capture it by PHP's $_GET? And how can I fix that?

    The parameter response_type specifies what you get back, see https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow#login

    You can choose whether you want a code returned as GET parameter, a token in the hash - or both, for a client- and server-side app that might need the/a token on both, but would on the server-side rather exchange a code via API, than trust a token send from the client. And you can also ask for the granted scope of permissions the user accepted - for apps that need to know whether certain essential permissions were granted, that can save an extra API request.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥20 BAPI_PR_CHANGE how to add account assignment information for service line
  • ¥500 火焰左右视图、视差(基于双目相机)
  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?