Facebook Offline Access Key and login

Right. After some more searching and poking around the code. I figured it out.

I've tested it out for multiple users and over the course of a week and it works like a charm.

When you have gotten the offline_access permission, store the session key, and the user ID. (wherever you want. I store mine in my database).

The infinite session key will look something like this df4175330aaddb9d50fd8f84-30000799with everything after the 'dash' being the users ID.

Then the next time you call the API add this line of code in.

$this->fb->set_user('Facebook User ID', 'Offline Access Session key', 0);N.B. the zero is the amount of time before it will expire. 0 = never.

My code in my library is as follows

$this->fb = new Facebook($this->_api_key, $this->_secret_key);     //Query Database to see if user had enabled offline access.//If So extract the userid and session key$this->fb->set_user($fbuserid, $fbsess, 0);

In my testing this has worked perfectly.Now my users can log into my site and have facebook automatically, once they give the offline_access permission. Its currently been working for a week without problems.

I think thats everything. But if I left anything out let me know.

I've been working with facebook connect since they announced it at F8 and put it into beta a year ago, I'm in charge of the backend side of our Facebook connect integration on several large websites, and I've spent quite a bit of time on this issue specifically.

Here's a good post on the topic, ande here's a bug filed 3 months ago.

Long story short, facebook is not actively supporting this type of session promotion -- yes, it's in the docs -- but it doesn't work. It's clearly not something they're actually testing internally.

And from experience, let me tell you: if it's not a well documented, commonly used feature, you can't rely on facebook to maintain it.

The key expires every time a user changes their password. This is written on the documentation.