2

I am trying to write a C# desktop/forms application which reads a user's timeline and/or newsfeed.

I have created an app for the user and have used the access token tool to generate an access code for the app/user.

This code worked OK a few days ago

var accessToken = "<user token goes here>";
var client = new Facebook.FacebookClient(accessToken);
dynamic me = client.Get("me");      
string tz = me["timezone"].ToString();

But today I have this error OAuthException - #190 Error validating access token: Session has expired

From the token tool (https://developers.facebook.com/tools/accesstoken/) I cannot see how to extend the token lifespan. Nor can I delete it to create a new one,

  1. Is there a way to refresh or recreate my own token from a C# desktop application
  2. Assuming 1 is possible can anyone point me in the right direction on how I go about reading my timeline and/or newsfeed.

Thanks in advance!

Martha
  • 81
  • 1
  • 1
  • 8

1 Answers1

0

In general, it is quite hard to authenticate a User in a desktop application. Have a look at my answer to the question Obtaining a Facebook auth token for a command-line (desktop) application The only chance is using a WebView.

It is possible to exchange short-lived Access Tokens into long-lived ones: https://developers.facebook.com/docs/facebook-login/access-tokens/#extending

Concerning your questions:

  1. Yes, but only in a way as descibed in my answer linked above

  2. You can use the following endpoints, depending on what you want to achieve:

Community
  • 1
  • 1
Tobi
  • 31,405
  • 8
  • 58
  • 90
  • I have tried to do this using a WebBrowser control. I issue the following request: "https://www.facebook.com/dialog/oauth?client_id=&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token" and get back "https://www.facebook.com/connect/login_success.html#access_token=&expires_in=4633" I would have expected to have been authenticated for username/password, rather than automatically getting an access token. What is happening? – Martha Apr 15 '14 at 14:47
  • That's totally correct like you did it. You can then use the access token to "sign" the requests to the Graph API. Be sure to exchange it for a long-lived token first. – Tobi Apr 15 '14 at 15:30
  • Thanks. My question was, that I would not have expected the access token back until I had been prompted to type in my username/password. This stage was bypassed. Why was it bypassed ? – Martha Apr 15 '14 at 15:51
  • Normally (in a standard browser) FB recognizes if you are already logged in via a cookie. What says https://developers.facebook.com/tools/debug/ if you paste the access token? – Tobi Apr 15 '14 at 16:09
  • You also need to add the scope parameter to the request as I described in the other answer: https://www.facebook.com/dialog/oauth?client_id={YOUR_APP_ID}&redirect_uri=https://www.facebook.com/connect/login_success.html&response_type=token&scope={YOUR_PERMISSION_LIST} – Tobi Apr 15 '14 at 16:10
  • debug says "Error validating access token: The session is invalid because the user logged out." But that token is still getting automatically returned from the first URL. Using all browsers I have installed; none log into fb automatically so I am assuming I dont have anything cached in cookies. – Martha Apr 15 '14 at 16:21
  • when adding scope parameter how would I add more than one permission? is this done with comma? E.g. &scope=basic_info,user_groups,read_stream – Martha Apr 15 '14 at 16:29
  • Also I see that permission read_stream allows access to newsfeed. What allows access to timeline. Is it possible to read this ? – Martha Apr 15 '14 at 16:30
  • Please please, read the docs and the attached links. &scope=basic_info,read_stream is enough, multiple are separated by comma – Tobi Apr 15 '14 at 16:30
  • Thank you for your help so far. I am making progress. I now have an long-life token. I notice now that when this call happens the access_token returned is the same as the one passed in. Is this normal? Is this because the one passed in is considered active and long life, so that there is no need to recycle and renew it ? – Martha Apr 16 '14 at 13:41
  • You can paste the access token in https://developers.facebook.com/tools/debug/ to receive info about the validity – Tobi Apr 16 '14 at 15:45