Using app access token in IOS

Since Facebook changed their policy on having a acc开发者_如何学Cess token or not I am now forced to include an access token to fetch a user public posts.

As read in the documentation I can use an app access token so I still can fetch the posts without asking a user for permissions. But since I have no clue how this works, and the facebook documentation doesn't give a example concerning how to implement this on IOS, I want to ask your help!

Does anyone has an example on how I need to implement this in my code? Thnx in advance!!

I'm not sure if it's what you are looking for, but if you are trying to do something simple like getting the public posts of a user, you can do it like this.

Use the following request to get the token:

https://graph.facebook.com/oauth/access_token?client_id=YOUR_APP_ID&client_secret=YOUR_APP_SECRET&grant_type=client_credentials

I'm guessing you've got your app id and secret since you've retrieved the token already. Anyway, the token will be returned in the response like this:

access_token=ACCESS_TOKEN

Parse out the token: and put it in the following request:

https://graph.facebook.com/FACEBOOK_USER_ID/posts?access_token=ACCESS_TOKEN

You can use the following code to parse out the token:

    NSRange access_token_range = [responseString rangeOfString:@"access_token="];
    if (access_token_range.length > 0) {
        int from_index = access_token_range.location + access_token_range.length;
        NSString *access_token = [responseString substringFromIndex:from_index];

        NSLog(@"access_token:  %@", access_token);
    }

EDIT: The get posts URL will give BadURL due to illegal chars. You can do like this to fix it:

NSString *encodedURLString = [yourUrlString stringByAddingPercentEscapesUsingEncoding:NSASCIIStringEncoding];    
NSURL *url = [NSURL URLWithString:encodedURLString];

I'm not using the Facebook SDK, so I don't really know how it works, but I guess that you should do something like this:

[_facebook requestWithGraphPath:@"[user_id]/feed" 
                  andParams:[NSMutableDictionary dictionaryWithObject:ACCESS_TOKEN forKey:@"access_token"]
              andHttpMethod:@"GET"
                andDelegate:self];

Although you can do this, the API documentation states

App Login allows you to take various administrative actions for your app, such as retrieving Insights data or approving Requests. Graph API calls that require an app access token are clearly denoted in the API reference."

I think it might be a security risk since someone could intercept your app access token and do all these things via the API. Not to mention having client_secret (which is basically a password for your app) being embedded in the iOS app. I think app logins are more for the PHP servers to use.