{"id":1733,"date":"2010-09-03T17:23:53","date_gmt":"2010-09-03T16:23:53","guid":{"rendered":"http:\/\/www.nivas.hr\/blog\/?p=1733"},"modified":"2011-03-02T11:28:45","modified_gmt":"2011-03-02T10:28:45","slug":"facebook-php-sdk-access-token-signing-bug","status":"publish","type":"post","link":"https:\/\/www.nivas.hr\/blog\/2010\/09\/03\/facebook-php-sdk-access-token-signing-bug\/","title":{"rendered":"Facebook PHP SDK access token signing bug"},"content":{"rendered":"

So if you are getting <\/p>\n

The method you are calling or the FQL table you are querying cannot be called using a session secret or by a desktop application.<\/p><\/blockquote>\n

while trying to run some old facbook REST API while using new php sdk<\/a> this post is for you!<\/p>\n

Truth is the some REST calls dose not have new graph equivalent. Like for example dashboard.addGlobalNews<\/strong>. <\/p>\n

SDK even in new 2.1.1. version still dose not know how to sign old REST api calls. <\/p>\n

When making a call SDK internally calls getAccessToken<\/strong> method to get token.
\nIf you mix new graph api with old REST api internal check for type of api message signing will go havoc.<\/p>\n

So quick and dirty solution, add override to facebook SDK and thank them for making it open source. <\/p>\n

Add this property to facebook sdk class:<\/p>\n


\npublic $overrideToAppSigned = false;
\n<\/code>
\nand change getAccessToken method to:
\n
\npublic function getAccessToken() {
\n $session = $this->getSession();
\n \/\/ either user session signed, or app signed
\n if ($session && !$this->overrideToAppSigned) {
\n return $session['access_token'];
\n } else {
\n return $this->getAppId() .'|'. $this->getApiSecret();
\n }
\n }
\n<\/code><\/p>\n

Now you can call old REST api like this:
\n<\/p>\n

$this->_facebook->overrideToAppSigned = true;<\/p>\n

$result = $this->_facebook->api(
\narray(
\n\t'method' => 'dashboard.addGlobalNews',
\n\t'call_id' => microtime(true),
\n\t'news' => $news
\n)
\n);<\/p>\n

$this->_facebook->overrideToAppSigned = false;<\/p>\n

<\/code><\/p>\n

Don’t forget the last line! ;)<\/p>\n","protected":false},"excerpt":{"rendered":"

So if you are getting The method you are calling or the FQL table you are querying cannot be called using a session secret or by a desktop application. while trying to run some old facbook REST API while using new php sdk this post is for you! Truth is the some REST calls dose…<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/posts\/1733"}],"collection":[{"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/comments?post=1733"}],"version-history":[{"count":13,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/posts\/1733\/revisions"}],"predecessor-version":[{"id":1928,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/posts\/1733\/revisions\/1928"}],"wp:attachment":[{"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/media?parent=1733"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/categories?post=1733"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nivas.hr\/blog\/wp-json\/wp\/v2\/tags?post=1733"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}