Publish on page using page Access Token and fb_exchange_token

Question

I'm trying to set up an app to publisher on page owned by the user.

1)I ask for permission with js with manage_pages,publish_stream scope

2) $fb->api('/'.$fb->getUser().'/accounts', 'GET', array('access_token' => $token)

3) I get the token by MarcusJoe method in the thread How to extend access token validity since offline_access deprecation

4) store the page access_token in the db

5) post on page with $fb->api('/'.$pageId.'/feed','POST',array_merge(array('access_token'=>$row->token),$params));

so when I'm logged in it works if I do log out getting rid of all my cookies well just for about two hours it works than stop working with the message

Error invalidating access token: Session does not match current stored session. This may be because the user changed the password since the time the session was created or Facebook has changed the session for security reasons.

So I'm at my deep end wondering if I make something wrong :(

Can you help me, please ?

Bye

Answer 1

Every time facebook sends a token your way they also add the "expires" field. The token results have this format:

access_token=XXXXXX&expires=0000

(except for application tokens)

So when you extract the access token get the expiration as well and make sure how long it has. You might want to try the server side authentication since it results with long lived tokens.

When the user logs out the session gets invalidated and your token becomes useless. You have no way to then get a new token except for having the user reengage with your application. There are other situations in which the session gets invalidated such as replacing password, removing your application.