/**
* Retrieves an access token for the given authorization code
* (previously generated from www.facebook.com on behalf of
* a specific user). The authorization code is sent to graph.facebook.com
* and a legitimate access token is generated provided the access token
* and the user for which it was generated all match, and the user is
* either logged in to Facebook or has granted an offline access permission.
*
* @param string $code An authorization code.
* @param null $redirectUri
* @return mixed An access token exchanged for the authorization code, or false if an access token could not be generated.
*/
protected function getAccessTokenFromCode($code, $redirectUri = NULL)
{
if (empty($code)) {
return FALSE;
}
if ($redirectUri === NULL) {
$redirectUri = $this->getCurrentUrl();
}
try {
// need to circumvent json_decode by calling _oauthRequest
// directly, since response isn't JSON format.
$accessToken = $this->apiClient->oauth($this->config->createUrl('graph', '/oauth/access_token'), array('client_id' => $this->config->appId, 'client_secret' => $this->config->appSecret, 'redirect_uri' => $redirectUri, 'code' => $code));
if (empty($accessToken)) {
return FALSE;
}
} catch (FacebookApiException $e) {
// most likely that user very recently revoked authorization.
// In any event, we don't have an access token, so say so.
return FALSE;
}
try {
$params = $this->decodeAccessToken($accessToken);
return $params['access_token'];
} catch (InvalidArgumentException $e) {
return FALSE;
}
}
