I am using facebook graph api to authorize user in my app, and I get the short access token in the callback, then I exchange that token to a long living token which expires in two months:
public function callback($response)
{
$helper = $this->facebook->getRedirectLoginHelper();
try {
$accessToken = $helper->getAccessToken();
} catch (FacebookResponseException $e) {
dd("Graph returned an error: " . $e->getMessage());
} catch (FacebookSDKException $e) {
dd("Facebook SDK returned an error: " . $e->getMessage());
}
if (!isset($accessToken)) {
if ($helper->getError()) {
return Response::HTTP_UNAUTHORIZED;
} else {
return Response::HTTP_BAD_REQUEST;
}
exit;
}
$token = $accessToken->getValue();
$this->params = array_merge($this->params, ['default_access_token' => $token]);
$longLivingToken = $this->getLongLivingToken($this->params, $token);
return $longLivingToken;
}
My question is: is there any way to get a permanent token or to refresh the token without making the user go through authorization form again ?
There is no User Token that is valid forever. There is only the Extended User Token (which you are using right now), and it is valid for 60 days. There is no way to auto-refresh it, it needs to happen with user interaction.
The only Tokens that are valid forever are App Tokens and Extended Page Tokens.