Google API V 3.0 .Net 库和 Google OAuth2 如何处理刷新令牌 [英] How Google API V 3.0 .Net library and Google OAuth2 Handling refresh token
本文介绍了Google API V 3.0 .Net 库和 Google OAuth2 如何处理刷新令牌的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在我的应用程序中,我使用带有 Google OAuth2 的 Google API V 3.0 .Net 库来同步 Google 日历和 Outlook 日历.我使用下面的代码来获取 Google.Apis.Calendar.v3.CalendarService 服务对象.在身份验证期间,我存储了 Json 文件,并从中请求 Google.Apis.Auth.OAuth2.UserCredential 对象.
In my application I am using Google API V 3.0 .Net library with Google OAuth2 to synchronize Google calender and outlook calender. I am using below code to get the Google.Apis.Calendar.v3.CalendarService service object. During authentication I stored the Json file and from that I am requesting for Google.Apis.Auth.OAuth2.UserCredential object.
private Google.Apis.Auth.OAuth2.UserCredential GetGoogleOAuthCredential()
{
GoogleTokenModel _TokenData = new GoogleTokenModel();
String JsonFilelocation = "jsonFileLocation;
Google.Apis.Auth.OAuth2.UserCredential credential = null;
using (var stream = new FileStream(JsonFilelocation, FileMode.Open,
FileAccess.Read))
{
Google.Apis.Auth.OAuth2.GoogleWebAuthorizationBroker.Folder = "Tasks.Auth.Store";
credential = Google.Apis.Auth.OAuth2.GoogleWebAuthorizationBroker.AuthorizeAsync(
Google.Apis.Auth.OAuth2.GoogleClientSecrets.Load(stream).Secrets,
new[] { Google.Apis.Calendar.v3.CalendarService.Scope.Calendar },
"user",
CancellationToken.None,
new FileDataStore("OGSync.Auth.Store")).Result;
}
return credential;
}
请求服务对象代码是:
Google.Apis.Calendar.v3.CalendarService _V3calendarService = new Google.Apis.Calendar.v3.CalendarService(new Google.Apis.Services.BaseClientService.Initializer()
{
HttpClientInitializer = GetGoogleOAuthCredential(),
ApplicationName = "TestApplication",
});
以上代码可以很好地获取 Calendarservice 对象.我的问题是,我的 Json 文件具有刷新和访问令牌.当访问令牌过期时,上面的代码如何处理刷新令牌以获取服务?因为需要频繁调用Calendarservice对象,所以喜欢为calenderService对象实现单例模式.如何在不频繁调用 GetGoogleOAuthCredential 的情况下获取 Calendarservice?感谢您提供任何帮助/指导.
Above code works fine to get the Calendarservice object. My question is, my Json file has refresh and access tokens. how the above code handles refresh token to obtain the service when access token expired? Because I need to call the Calendarservice object frequently, I like to implement singleton pattern for calenderService object. How to get Calendarservice without calling GetGoogleOAuthCredential frequently? Any help/guidance is appreciated.
推荐答案
过去两天我自己都在琢磨这个问题.除非您指定access_type=offline",否则库不会自动刷新令牌.
Spent the last two days figuring this out myself. The library does not refresh the tokens automatically unless you specify "access_type=offline".
https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth
我要粘贴我正在使用的代码,如果您有任何不明白的地方,尽管问.我已经阅读了很多帖子,而且我现在几乎可以正常工作,因此有一些注释代码,但尚未重构.我希望这会帮助某人.我使用的 NuGet 包如下:
I'm gonna paste the code I'm using and if there is anything you don't understand, just ask. I have read so many posts and I litteraly got this working right now so there is some commented code and it has not been refactored yet. I hope this will help someone. The NuGet packages I'm using are these:
Google.Apis.Auth.MVC
Google.Apis.Auth.MVC
Google.Apis.Calendar.v3
Google.Apis.Calendar.v3
代码:
AuthCallbackController:
AuthCallbackController:
[AuthorizationCodeActionFilter]
public class AuthCallbackController : Google.Apis.Auth.OAuth2.Mvc.Controllers.AuthCallbackController
{
protected static readonly ILogger Logger = ApplicationContext.Logger.ForType<AuthCallbackController>();
/// <summary>Gets the authorization code flow.</summary>
protected IAuthorizationCodeFlow Flow { get { return FlowData.Flow; } }
/// <summary>
/// Gets the user identifier. Potential logic is to use session variables to retrieve that information.
/// </summary>
protected string UserId { get { return FlowData.GetUserId(this); } }
/// <summary>
/// The authorization callback which receives an authorization code which contains an error or a code.
/// If a code is available the method exchange the coed with an access token and redirect back to the original
/// page which initialized the auth process (using the state parameter).
/// <para>
/// The current timeout is set to 10 seconds. You can change the default behavior by setting
/// <see cref="System.Web.Mvc.AsyncTimeoutAttribute"/> with a different value on your controller.
/// </para>
/// </summary>
/// <param name="authorizationCode">Authorization code response which contains the code or an error.</param>
/// <param name="taskCancellationToken">Cancellation token to cancel operation.</param>
/// <returns>
/// Redirect action to the state parameter or <see cref="OnTokenError"/> in case of an error.
/// </returns>
[AsyncTimeout(60000)]
public async override Task<ActionResult> IndexAsync(AuthorizationCodeResponseUrl authorizationCode,
CancellationToken taskCancellationToken)
{
if (string.IsNullOrEmpty(authorizationCode.Code))
{
var errorResponse = new TokenErrorResponse(authorizationCode);
Logger.Info("Received an error. The response is: {0}", errorResponse);
Debug.WriteLine("Received an error. The response is: {0}", errorResponse);
return OnTokenError(errorResponse);
}
Logger.Debug("Received "{0}" code", authorizationCode.Code);
Debug.WriteLine("Received "{0}" code", authorizationCode.Code);
var returnUrl = Request.Url.ToString();
returnUrl = returnUrl.Substring(0, returnUrl.IndexOf("?"));
var token = await Flow.ExchangeCodeForTokenAsync(UserId, authorizationCode.Code, returnUrl,
taskCancellationToken).ConfigureAwait(false);
// Extract the right state.
var oauthState = await AuthWebUtility.ExtracRedirectFromState(Flow.DataStore, UserId,
authorizationCode.State).ConfigureAwait(false);
return new RedirectResult(oauthState);
}
protected override Google.Apis.Auth.OAuth2.Mvc.FlowMetadata FlowData
{
get { return new AppFlowMetadata(); }
}
protected override ActionResult OnTokenError(TokenErrorResponse errorResponse)
{
throw new TokenResponseException(errorResponse);
}
//public class AuthCallbackController : Google.Apis.Auth.OAuth2.Mvc.Controllers.AuthCallbackController
//{
// protected override Google.Apis.Auth.OAuth2.Mvc.FlowMetadata FlowData
// {
// get { return new AppFlowMetadata(); }
// }
//}
}
Controller 调用 Google API 的方法
Method for Controller calling Google API
public async Task<ActionResult> GoogleCalendarAsync(CancellationToken cancellationToken)
{
var result = await new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).
AuthorizeAsync(cancellationToken);
if (result.Credential != null)
{
//var ttt = await result.Credential.RevokeTokenAsync(cancellationToken);
//bool x = await result.Credential.RefreshTokenAsync(cancellationToken);
var service = new CalendarService(new BaseClientService.Initializer()
{
HttpClientInitializer = result.Credential,
ApplicationName = "GoogleApplication",
});
var t = service.Calendars;
var tt = service.CalendarList.List();
// Define parameters of request.
EventsResource.ListRequest request = service.Events.List("primary");
request.TimeMin = DateTime.Now;
request.ShowDeleted = false;
request.SingleEvents = true;
request.MaxResults = 10;
request.OrderBy = EventsResource.ListRequest.OrderByEnum.StartTime;
// List events.
Events events = request.Execute();
Debug.WriteLine("Upcoming events:");
if (events.Items != null && events.Items.Count > 0)
{
foreach (var eventItem in events.Items)
{
string when = eventItem.Start.DateTime.ToString();
if (String.IsNullOrEmpty(when))
{
when = eventItem.Start.Date;
}
Debug.WriteLine("{0} ({1})", eventItem.Summary, when);
}
}
else
{
Debug.WriteLine("No upcoming events found.");
}
//Event myEvent = new Event
//{
// Summary = "Appointment",
// Location = "Somewhere",
// Start = new EventDateTime()
// {
// DateTime = new DateTime(2014, 6, 2, 10, 0, 0),
// TimeZone = "America/Los_Angeles"
// },
// End = new EventDateTime()
// {
// DateTime = new DateTime(2014, 6, 2, 10, 30, 0),
// TimeZone = "America/Los_Angeles"
// },
// Recurrence = new String[] {
// "RRULE:FREQ=WEEKLY;BYDAY=MO"
// },
// Attendees = new List<EventAttendee>()
// {
// new EventAttendee() { Email = "johndoe@gmail.com" }
// }
//};
//Event recurringEvent = service.Events.Insert(myEvent, "primary").Execute();
return View();
}
else
{
return new RedirectResult(result.RedirectUri);
}
}
FlowMetadata 的派生类
Derived class of FlowMetadata
public class AppFlowMetadata : FlowMetadata
{
//static readonly string server = ConfigurationManager.AppSettings["DatabaseServer"];
//static readonly string serverUser = ConfigurationManager.AppSettings["DatabaseUser"];
//static readonly string serverPassword = ConfigurationManager.AppSettings["DatabaseUserPassword"];
//static readonly string serverDatabase = ConfigurationManager.AppSettings["DatabaseName"];
////new FileDataStore("Daimto.GoogleCalendar.Auth.Store")
////new FileDataStore("Drive.Api.Auth.Store")
//static DatabaseDataStore databaseDataStore = new DatabaseDataStore(server, serverUser, serverPassword, serverDatabase);
private static readonly IAuthorizationCodeFlow flow =
new ForceOfflineGoogleAuthorizationCodeFlow(new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = new ClientSecrets
{
ClientId = "yourClientId",
ClientSecret = "yourClientSecret"
},
Scopes = new[]
{
CalendarService.Scope.Calendar, // Manage your calendars
//CalendarService.Scope.CalendarReadonly // View your Calendars
},
DataStore = new EFDataStore(),
});
public override string GetUserId(Controller controller)
{
// In this sample we use the session to store the user identifiers.
// That's not the best practice, because you should have a logic to identify
// a user. You might want to use "OpenID Connect".
// You can read more about the protocol in the following link:
// https://developers.google.com/accounts/docs/OAuth2Login.
//var user = controller.Session["user"];
//if (user == null)
//{
// user = Guid.NewGuid();
// controller.Session["user"] = user;
//}
//return user.ToString();
//var store = new UserStore<ApplicationUser>(new ApplicationDbContext());
//var manager = new UserManager<ApplicationUser>(store);
//var currentUser = manager.FindById(controller.User.Identity.GetUserId());
return controller.User.Identity.GetUserId();
}
public override IAuthorizationCodeFlow Flow
{
get { return flow; }
}
public override string AuthCallback
{
get { return @"/GoogleApplication/AuthCallback/IndexAsync"; }
}
}
实体框架 6 DataStore 类
Entity framework 6 DataStore class
public class EFDataStore : IDataStore
{
public async Task ClearAsync()
{
using (var context = new ApplicationDbContext())
{
var objectContext = ((IObjectContextAdapter)context).ObjectContext;
await objectContext.ExecuteStoreCommandAsync("TRUNCATE TABLE [Items]");
}
}
public async Task DeleteAsync<T>(string key)
{
if (string.IsNullOrEmpty(key))
{
throw new ArgumentException("Key MUST have a value");
}
using (var context = new ApplicationDbContext())
{
var generatedKey = GenerateStoredKey(key, typeof(T));
var item = context.GoogleAuthItems.FirstOrDefault(x => x.Key == generatedKey);
if (item != null)
{
context.GoogleAuthItems.Remove(item);
await context.SaveChangesAsync();
}
}
}
public Task<T> GetAsync<T>(string key)
{
if (string.IsNullOrEmpty(key))
{
throw new ArgumentException("Key MUST have a value");
}
using (var context = new ApplicationDbContext())
{
var generatedKey = GenerateStoredKey(key, typeof(T));
var item = context.GoogleAuthItems.FirstOrDefault(x => x.Key == generatedKey);
T value = item == null ? default(T) : JsonConvert.DeserializeObject<T>(item.Value);
return Task.FromResult<T>(value);
}
}
public async Task StoreAsync<T>(string key, T value)
{
if (string.IsNullOrEmpty(key))
{
throw new ArgumentException("Key MUST have a value");
}
using (var context = new ApplicationDbContext())
{
var generatedKey = GenerateStoredKey(key, typeof(T));
string json = JsonConvert.SerializeObject(value);
var item = await context.GoogleAuthItems.SingleOrDefaultAsync(x => x.Key == generatedKey);
if (item == null)
{
context.GoogleAuthItems.Add(new GoogleAuthItem { Key = generatedKey, Value = json });
}
else
{
item.Value = json;
}
await context.SaveChangesAsync();
}
}
private static string GenerateStoredKey(string key, Type t)
{
return string.Format("{0}-{1}", t.FullName, key);
}
}
GoogleAuthorizationCodeFlow 的派生类.启用自动刷新"令牌的长期刷新令牌,这意味着获取新的访问令牌.
Derived class for GoogleAuthorizationCodeFlow. Enabling long-lived refresh token that take care of automatically "refreshing" the token, which simply means getting a new access token.
https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth
internal class ForceOfflineGoogleAuthorizationCodeFlow : GoogleAuthorizationCodeFlow
{
public ForceOfflineGoogleAuthorizationCodeFlow(GoogleAuthorizationCodeFlow.Initializer initializer) : base (initializer) { }
public override AuthorizationCodeRequestUrl CreateAuthorizationCodeRequest(string redirectUri)
{
return new GoogleAuthorizationCodeRequestUrl(new Uri(AuthorizationServerUrl))
{
ClientId = ClientSecrets.ClientId,
Scope = string.Join(" ", Scopes),
RedirectUri = redirectUri,
AccessType = "offline",
ApprovalPrompt = "force"
};
}
}
GoogleAuthItem 与 EFDataStore 一起使用
GoogleAuthItem is used with EFDataStore
public class GoogleAuthItem
{
[Key]
[MaxLength(100)]
public string Key { get; set; }
[MaxLength(500)]
public string Value { get; set; }
}
public DbSet<GoogleAuthItem> GoogleAuthItems { get; set; }
这篇关于Google API V 3.0 .Net 库和 Google OAuth2 如何处理刷新令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
