Invalid access token signature

[Nikita]

After i get access_token in my application install servlet, i pass it
to new DefaultFacebookClient(token) contructor.
And it fails with Invalid access token signature

Before i tried RestFB it worked, and the access token, that i get from
facebook, log and then try it through url
https://graph.facebook.com/me?access_token=<logged_access_token> works
perfect.

It seems to me there are some trobles within RestFB.

Code that throws exception:

String token = getAccessToken(url); //THIS TOKEN IS VALID
//url to get personal info
url = "https://graph.facebook.com/me?access_token=" + token;
//restFB library example
logger.info("ACCESS TOKEN = " + token);
FacebookClient facebookClient = new DefaultFacebookClient(token);
User userRestFB = facebookClient.fetchObject("me", User.class);//
restFb library user example
logger.info("REST FB TESTING===============================");
logger.info("User Name = " + userRestFB.getName());
logger.info("User Facebook Id = " + userRestFB.getId());

[Marcel Stör]

On 11.02.2011 13:25, Nikita wrote:
> After i get access_token in my application install servlet, i pass it
> to new DefaultFacebookClient(token) contructor.
> And it fails with Invalid access token signature
>
> Before i tried RestFB it worked, and the access token, that i get from
> facebook, log and then try it through url
> https://graph.facebook.com/me?access_token=<logged_access_token> works
> perfect.
>
> It seems to me there are some trobles within RestFB.
>
> Code that throws exception:
>
> String token = getAccessToken(url); //THIS TOKEN IS VALID

The token is not really valid i.e. it's probably not valid for offline
access.
You may want to read "A note about the Publish and Delete examples
below" on http://restfb.com/ and the Facebook docs about the different
types of tokens.

Cheers,

--
Marcel St�r, http://www.frightanic.com
Couchsurfing: http://www.couchsurfing.com/people/marcelstoer
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

[Nikita]

Look, i don't care about different types of tokens. I use here the
ACCESS_TOKEN. As it written in your java docs:
DefaultFacebookClient(String accessToken)
The example from restfb.com that i am using: FacebookClient
facebookClient = new DefaultFacebookClient(MY_ACCESS_TOKEN);

It is the first example and it doesn't work. I have a bad feeling
about this library =)

On 11 фев, 15:30, Marcel Stör <mar...@frightanic.com> wrote:
> On 11.02.2011 13:25, Nikita wrote:
>
> > After i get access_token in my application install servlet, i pass it
> > to new DefaultFacebookClient(token) contructor.
> > And it fails with Invalid access token signature
>
> > Before i tried RestFB it worked, and the access token, that i get from
> > facebook, log and then try it through url
> >https://graph.facebook.com/me?access_token=<logged_access_token>  works
> > perfect.
>
> > It seems to me there are some trobles within RestFB.
>
> > Code that throws exception:
>
> > String token = getAccessToken(url); //THIS TOKEN IS VALID
>
> The token is not really valid i.e. it's probably not valid for offline
> access.
> You may want to read "A note about the Publish and Delete examples

> below" onhttp://restfb.com/and the Facebook docs about the different

> types of tokens.
>
> Cheers,
>
> --

> Marcel St r,http://www.frightanic.com

[revetkn]

Is there any chance the getAccessToken(url) method in your example
returns a URL-encoded string? If so, pass along a non-URL-encoded
version of the access token to RestFB.

Thanks
Mark

On Feb 11, 7:37 am, Nikita <nikikik...@gmail.com> wrote:
> Look, i don't care about different types of tokens. I use here the
> ACCESS_TOKEN. As it written in your java docs:
> DefaultFacebookClient(String accessToken)
> The example from restfb.com that i am using: FacebookClient
> facebookClient = new DefaultFacebookClient(MY_ACCESS_TOKEN);
>
> It is the first example and it doesn't work. I have a bad feeling
> about this library =)
>
> On 11 фев, 15:30, Marcel Stör <mar...@frightanic.com> wrote:
>
>
>
>
>
>
>
> > On 11.02.2011 13:25, Nikita wrote:
>
> > > After i get access_token in my application install servlet, i pass it
> > > to new DefaultFacebookClient(token) contructor.
> > > And it fails with Invalid access token signature
>
> > > Before i tried RestFB it worked, and the access token, that i get from
> > > facebook, log and then try it through url
> > >https://graph.facebook.com/me?access_token=<logged_access_token>  works
> > > perfect.
>
> > > It seems to me there are some trobles within RestFB.
>
> > > Code that throws exception:
>
> > > String token = getAccessToken(url); //THIS TOKEN IS VALID
>
> > The token is not really valid i.e. it's probably not valid for offline
> > access.
> > You may want to read "A note about the Publish and Delete examples

> > below" onhttp://restfb.com/andthe Facebook docs about the different

[Nikita]

How is it look like a non-URL-encoded version of access token? On the
previous step i get an access token as a string. Facebook returns from
my request a string that looks like access_token=<access_token_value>
I parse that string and return String value that contains only access
token - no any url specific symbols

> > > below" onhttp://restfb.com/andtheFacebook docs about the different

[revetkn]

Can you post the access token here as logged by this line:
logger.info("ACCESS TOKEN = " + token); (feel free to change a few
numbers in it so it's invalid)?

For example, mine looks like:

25123470867|2.j46I5LQoVNskepd8gHbLTA__.3600.1297436400-234503817|
KfkV9j1Zbc10-hNLRVw7rx1MLds

Thanks
Mark

> > > > below" onhttp://restfb.com/andtheFacebookdocs about the different

[Nikita]

its a waste of time. i've already told u that when i go to
https://graph.facebook.com/me?access_token=<access_token_value> - it
woks fine. It means that the token is valid. Not very hard to
understand, isn't it?

> > > > > below" onhttp://restfb.com/andtheFacebookdocsabout the different

[Nikita]

its a waste of time. i've already told u that when i go to
https://graph.facebook.com/me?access_token=<access_token_value> - it
woks fine. It means that the token is valid. Not very hard to
understand, isn't it?

On 11 фев, 16:43, revetkn <mark.a.al...@gmail.com> wrote:

> > > > > below" onhttp://restfb.com/andtheFacebookdocsabout the different

[revetkn]

On Feb 11, 8:48 am, Nikita <nikikik...@gmail.com> wrote:
> its a waste of time. i've already told u that when i go tohttps://graph.facebook.com/me?access_token=<access_token_value> - it

> woks fine. It means that the token is valid. Not very hard to
> understand, isn't it?

If you are unwilling to post more information about your problem, I
don't think anyone will be able to give you a hand with it.

Given that all other RestFB users are able to use the library with an
access token, I would say there appears to be some issue that is
specific to whatever your setup/code/etc. is.

Thanks
Mark

[Marcelo]

Em 11/02/2011 10:37, Nikita escreveu:
> It is the first example and it doesn't work. I have a bad feeling
> about this library =)

I have a bad feeling about your code... and communication skills =)

The lib works perfectly.

/Marcelo

[Marcel Stör]

On 11.02.2011 13:37, Nikita wrote:
> Look, i don't care about different types of tokens.

Too bad, because you should. RestFB assumes you are
familiar with the basics of the Facebook API.

Cheers,

--
Marcel Stör, http://www.frightanic.com

[FredTheKat]

I am an experienced .NET developer new to FB development. I am trying
to use the mobile-friendly login page at:
"https://www.facebook.com/dialog/oauth?
client_id=XXXXXXXXX&redirect_uri=http://localhost:8181/Welcome.aspx/
&display=touch&scope=email".

I am able to get the "code" and then get an access token (of sorts, a
"bearer token", I understand) in the format xxxxxxxxxx|xxxxxxxxxx,
which is missing the session part. I am executing this code via a web
request from server-side code to this address:
https://graph.facebook.com/oauth/access_token?type=client_cred&client_id=xxxxxxxx&redirect_uri="http://localhost:8181/welcome.aspx/&client_secret=xxxxxx&code=xxxxxxxxxxxx

Now, when I call this, it is my understanding that I must use the
param type=web_server. However, if I do, I get a 400 error. It will
work if I use type=client_cred. The token that is passed back is in
the format xxxxxx|xxxxxx.

If I try to execute this code via a server-side web request:
https://graph.facebook.com/me?access_token=" & UrlEncode(sAccessToken)
I get an "Invalid access token signature" .

I have been at this for 3 days now. I have tried every combination. I
am finding many contradictions and omissions in the FB documentation
and in postings on other forums. Can anybody help? This is language
independent, since I am making a web request to a URL.

Having said all this, I have no problem whatsoever doing this with the
<fb:login> button and reading from the cookie and manipulating objects
at will in a desktop browser environment. The only difference here is
the extra intermediate steps of getting the "code", the access token,
and the rest of it in order to use the mobile-friendly login page.

This is not the first or 2nd or twelveth time I have run into this
sort of showstopper with FB. I'm ready to give up altogether. I have
seen so many, many other people trying to solve this problem (kludge).

Any help would be most kindly appreciated,
Fred

On Feb 11, 6:02 pm, Marcel Stör <mar...@frightanic.com> wrote:
> On 11.02.2011 13:37, Nikita wrote:
>
> > Look, i don't care about different types of tokens.
>
> Too bad, because you should. RestFB assumes you are
> familiar with the basics of the Facebook API.
>
> Cheers,
>
> --

> Marcel Stör,http://www.frightanic.com