diff --git a/src/FacebookProvider.php b/src/FacebookProvider.php
index 6789072..bc6ac79 100644
--- a/src/FacebookProvider.php
+++ b/src/FacebookProvider.php
@@ -6,8 +6,8 @@
 class FacebookProvider extends OAuth2Provider
 {
     protected $authorizeUrl = "https://www.facebook.com/dialog/oauth";
-    protected $accessTokenUrl = "https://graph.facebook.com/oauth/access_token";
-    protected $userDataUrl = "https://graph.facebook.com/me";
+    protected $accessTokenUrl = "https://graph.facebook.com/v2.3/oauth/access_token";
+    protected $userDataUrl = "https://graph.facebook.com/v2.3/me";
     protected $scope = [
         'email',
     ];
@@ -27,13 +27,27 @@ protected function getUserDataUrl()
         return $this->userDataUrl;
     }
 
-    protected function parseTokenResponse($response)
+    protected function requestAccessToken()
     {
-        parse_str($response);
-        if (! isset($access_token)) {
-            throw new InvalidAuthorizationCodeException;
+        $url = $this->getAccessTokenBaseUrl();
+        try {
+            $response = $this->httpClient->get($url, [
+                'query' => [
+                    'client_id' => $this->clientId,
+                    'client_secret' => $this->clientSecret,
+                    'redirect_uri' => $this->redirectUri(),
+                    'code' => $this->request->authorizationCode(),
+                ],
+            ]);
+        } catch (BadResponseException $e) {
+            throw new InvalidAuthorizationCodeException((string) $e->getResponse());
         }
-        return $access_token;
+        return $this->parseTokenResponse((string) $response->getBody());
+    }
+
+    protected function parseTokenResponse($response)
+    {
+        return $this->parseJsonTokenResponse($response);
     }
 
     protected function parseUserDataResponse($response)