OAuth 2.0是否始终需要浏览器 [英] Does OAuth 2.0 always require a browser in the flow

问题描述

我可以在没有浏览器(或应用程序中的嵌入式浏览器)的情况下使用OAuth 2.0进行每晚上传吗?

设置，我有一个刷新令牌，可以从提供商控制台Google Drive API访问令牌

当我最初收到刷新/访问令牌后，我希望使用Java SDK使用/重复使用这些SDK来上传数据，而无需任何浏览器授权.

解决方案

是.这正是使用刷新令牌进行无人值守访问的目的.当用户授予该应用程序的权限时，系统会特别提示他"...即使您尚未登录"(或类似原因，我也不记得确切的用词).您将刷新令牌存储在服务器上的某个位置，然后在您的应用程序需要执行其访问时使用它来请求访问令牌.

仅是为了澄清问题中的某些措辞，刷新和访问令牌并不成对，因此说重用这些"实际上应该是重用此"，其中这"是刷新令牌./p>

Can I use OAuth 2.0 without a browser (or an embedded browser in my app) to perform nightly uploads?

Setup I have a refresh token and access token from provider console-- Google Drive API

I wish to use Java SDK to use/reuse these to upload data without the requirement for any browser authorization once i have initially received my refresh/access tokens.

解决方案

Yes. That is precisely what unattended access with the refresh token is about. When the user granted permission to the app, he was specifically prompted "... even when you're not logged in" (or similar, I can't remember the exact wording). You will store the refresh token on the server somewhere, and then use it to request an access token whenever your app needs to do its thang.

Just to clarify some of the wording in your question, the refreash and access tokens do NOT form a pair, so saying "reuse these", should actually be "reuse this", where 'this' is the refresh token.

这篇关于OAuth 2.0是否始终需要浏览器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！