Facebook has deprecated the offline_access and introduced access token extension instead. The doc says that to extend access token we need to provide a valid access token. Now my doubt is can I pass an access token which has already expired to the url,- https://graph.facebook.com/oauth/access_token?client_id=APP_ID&client_secret=APP_SECRET&grant_type=fb_exchange_token&fb_exchange_token=EXPIRED_ACCESS_TOKEN
Note:- the user hasn't changed the password nor he has revoked the app.
You can exchange it for a longer-lived token while it's still active, but once it expires it stops working and you'll need to wait for the user to return to your app and get a new access token for them
Passing an expired or invalid access token to the extension endpoint will return an error. You can only extend access tokens that are currently valid.
Facebook provides a way to request a new access token with no user interaction. Please see my detailed solution to this problem, complete with code, here: Deprecated offline_access on facebook with RoR
