Timeline for "Device Login" and/or alternatives to offline_access + one time login
I have a small, dinosaur-era command line interface (CLI) app for facebook. There's not a huge user base, but it has its niche. Its most altruistic usage is by those who are partially blind and rely on other text-based command line interfaces.
It truly is a "Desktop App", with no browser interface, and no way to embed a browser within the app. It's written in PHP using the PHP CLI and it's hosted on github. [get the beta branch for the newer info].
I'm clearly a little concerned about the removal of offline_access
.
I was pinning my hopes to the pending "Device Login" and was really hoping that it would be ready before they flip the switch to remove offline_access
but this doesn't appear to be the case. I cannot find any information from facebook that indicates when "Device Login" will be available. I'm secretly hoping that someone on the FB Dev team will see this and hook me up as an early adopter.
Currently I send the user to the very old 'one time login' page: www.facebook.com/code_gen.php?v=1.0&api_key=XXX
which gives the user a temporary authorization code, which I can use to get an older session key -- then I can use graph.facebook.com/oauth/exchange_sessions to get a new OAuth session.
So I am hoping someone at Facebook will shed light on when "device login" will appear, or if there is a better approach I should be using.
Right now, the best solution I have is to host some page that would display to the user what their oauth session information would be, and then have the user cut & paste it as a command line argument to my app. I'd like to avoid that approach -- especially because now it looks like they'll have to do that periodically (every 60 days).
Solution 1:
As someone also commented, Facebook has offered alternatives. https://developers.facebook.com/docs/roadmap/completed-changes/offline-access-removal