Is there a way to convert a Facebook access token to a session key?

While trying to use Facebook's mobile authentication, I realized that they don't set any session key cookies now, and only deal with access tokens. From what I've gathered, access tokens are how the new OAuth2 system works, making session keys somewhat deprecated. Is my only choice to update the code to use access tokens, or is there a way for me to get a session k开发者_StackOverflow社区ey when I only have the access token?

Oops, I'd forgotten about this question. Since I figured it out, I figured I should answer this for other folks. Apparently the session key is embedded in the access token, and can be parsed as follows:

Format of the access token is as follows: <appId>|<sessionKey>|<digest>

The format of the session key differs depending on if it expires or not

• Expiring session key: <something>.<sessionSecret>.<expireAt>-<userId>
• Non-expiring session key: <sessionSecret>-<userId>

It's been a while since I did this, but I do believe I figured this out after reading this blog post here