How to programmatically log in to the Facebook OAuth2 API

Question:

I have written a Node.JS script that successfully connects to the Facebook Graph API through my Facebook app. I can read data when I give it an OAuth access_token. I want this script to run on my server every night to store some data. I have done a lot of research on the Facebook API, OAuth and similar questions on Stack Overflow. I am searching the /search/?type=event&q=query endpoint.

However, Facebook returns a 60 day access_token through the oauth2 login process that required me to create an express server that simply initiates the oauth2 process, allows the user to login, and receives the access_token code and I am storing it.

I want the script to save data so that my server can provide access to updated data every day. I don't want to have to remember to login to generate the key once every 60 days.

Is there any way to receive an oauth2 access_token without setting up an http or express server? More importantly, how do I get the access_token without manually having to run that server every ~60 days?

The Module I am using requires the access_token and client_secret

fs.readFile('./facebookAuthServer/oauth.txt', function read(err, data) {
    if (err) {
        throw err;
    }
    fbNode.setAuthorization({token: data, clientSecret: authSettings.clientSecret});
    // Use the auth for next call
    fbNode.fetchItems(displayItems);
});

Is there some way to spoof headers? Or could I use a short-lived access token and refresh it? Any way to refresh a 60 day token? Has anyone created a server side implementation of OAuth2 that does not require visiting the FB login more than the first time?

Here is how to do it using request.

First you need an OAuth client server up and running:

var express = require('express')
var session = require('express-session')
var Grant = require('grant-express')

var grant = new Grant({
    server:{host:'dummy.com:3000', protocol:'http'},
    facebook:{
      key:'[APP_ID]',
      secret:'[APP_SECRET]',
      scope:['user_about_me','user_birthday'],
      callback:'/callback'
    }
  })

var app = express()
app.use(session({secret:'very secret'}))
app.use(grant)

app.get('/callback', function (req, res) {
  res.end(JSON.stringify(req.query))
})

app.listen(3000, function () {
  console.log('Oh Hi', 3000)
})

Next you need an HTTP client that will simulate the browser request:

var request = require('request')

request.get({
  uri:'http://dummy.com:3000/connect/facebook',
  headers:{
    'user-agent':'Mozilla/5.0 ...',
    cookie:'datr=...; lu=...; p=-2; c_user=...; fr=...; xs=...; ...'
  },
  jar:request.jar(),
  json:true
}, function (err, res, body) {
  if (err) console.log(err)
  console.log(body)
})

How to use:

  1. Register OAuth app on Facebook and set your Site URL (I'm assuming http://dummy.com:3000)
  2. Add 127.0.0.1 dummy.com to your hosts file
  3. Configure and start the server from above
  4. Navigate to dummy.com:3000 in your browser
  5. Open up the Developer Tools and navigate to the Network tab, make sure Preserve log is checked
  6. Navigate to http://dummy.com:3000/connect/facebook and authenticate as usual
  7. Take a look at the authorize request in the Network tab and copy the relevant headers to the HTTP client example (the user-agent and the cookie)
  8. Run the HTTP client code (that's the code you are going to execute from time to time, the server should be running as well)
