I try to be as specific as possible to describe what I'm doing and what my problem is: In short I "hijack" some access token and use it to download XML data. Here is the long version:
First I generate a access token with the help of some app. The app is NOT mine, I think one could use ANY app: https://graph.facebook.com/oauth/authorize?client_id=xxxxxxxx&redirect_uri=http://apps.facebook.com/xxxxxxx/&scope=offline_access,email,read_insights,read_stream,user_about_me,user_activities,user_birthday,user_education_history,user_events,user_groups,user_hometown,user_interests,user_likes,user_location,user_notes,user_online_presence,user_photo_video_tags,user_photos,user_relationships,user_religion_politics,user_status,user_videos,user_website,user_work_history,user_checkins,read_friendlists,read_requests,friends_about_me,friends_activities,friends_birthday,friends_education_history,friends_events,friends_groups,friends_hometown,friends_interests,friends_likes,friends_location,friends_notes,friends_online_presence,friends_photo_video_tags,friends_photos,friends_relationships,friends_religion_politics,friends_status,friends_videos,friends_website,friends_work_history,friends_checkins&type=user_agent
In response I get the access token in the URL: access_token=AAAAA.....
Then I use this access_token to access certain informations:
https://api.facebook.com/method/fql.query?access_token=AAAAA....&query=SELECT%20uid,%20first_name,%20last_name,%20online_presence%20FROM%20user%20WHERE%20uid=[friend-uid]
So far this works very good and I don't have to renew the access token but with the new changes I only get a token that is 2 hours valid. That is too short for me because I use the token in a WGET script. I can't exchange the token because I have no further information on the app. Is there any way to overcome my problem? I don't want to make my own app only to get some information. I don't want to give FB my cc. The way it is now is fine with me.
Thanks for your help.
