I want to authenticate native devise by oauth2 access token, which was obtained using client side flow (http://developers.facebook.com/docs/authentication/)
Currently I just call one of the protected method using this token and handle AccessDenied error. May be there is build in 开发者_如何学JAVAmethod that validates token?
Here is ruby sample with OAuth2 gem:
begin
response = JSON.parse(token.get('/me'))
rescue OAuth2::AccessDenied
render :json => { errors: {"" => ["Invalid oauth2 token"]}}
else
...
end
If I understand your question, you're asking how to handle when a valid access token becomes invalid, for example, if a user removes your app. According to this Facebook blog post: https://developers.facebook.com/blog/post/500/, there is no absolute way except for firing an API call, which you surmised. Guess we are all out of luck.
P.S. That blog post has good details on other scenarios a valid access token might expire.
as far as I know, there is no publicly available method / api that we can validate token.
The closest that I know is the access token linter that Facebook has provided.
精彩评论