REVISED QUESTION
I realize using the response to: $facebook->api('/me?access_token='.$access_token) will determine whether you need a new access token. So my question below can be simplified to this:
If the user has not deauthorized the app, is there an FB-approved way to get a new access token without a redirect to the auth log?
OLD QUESTION
As pointed out in this question, Facebook (offline) access tokens expire for a variety of reasons. This solution is provided by Facebook for reauthorizing and grabbing a new offline access token.
However, that solution assumed I want the following behavior:
- Redirect my users to auth dialog
- If they haven’t deauthorized my app, I automatically get a new access token
- If they have deauthorized my app, they will get an auth dialog box to reauthorize.
However,
- If the user has not deauthorized my app, I would like a new access token.
- If the user has, I do not want an auth dialog (nor a new access token).
- Ideally, this could be done in PHP, without redirects to auth dialogs
If you app is authorized by the user, you can get a new access token with this javascript:
This will not prompt the user for a redirect to auth log. Simple stuff documented in Facebook’s
getLoginStatus.This of course won’t work, unless the user is logged into Facebook, has authorized your app, and visits your page (for my purposes this assumption was fine). But you can ask for
offline_accesspermission and store the new access key for later use of course.My question said ideally this would be handled server side. Unfortunately, the behavior of this php:
$access_token = $facebook->getAccessToken();is not identical to the access token response generated by the Javascript SDK. See this question.