如何使用谷歌离线访问令牌iOS上在后台进行身份验证? [英] How to use a Google offline access token to authenticate in background on iOS?
问题描述
短版:
我想使用谷歌的OAuth2客户端目标C 以创建一个有效的 GTMOAuth2Authentication 对象对我来说,在我的应用程序中使用,使用脱机访问令牌我从后台得到。我怎样才能做到呢?
I want to use the Google OAuth2 client for Objective C to create a valid GTMOAuth2Authentication object for me to use in my app, with an offline access token I get from my backend. How can I accomplish that?
我的情况:
我的应用程序使用只读分析范围,以获取有关用户的网站(S)的一些数据。我做到这一点的方式,是通过与 GTMOAuth2ViewControllerTouch 的ViewController登录,由谷歌的OAuth2客户端的目的C.提供那么它给了我有效的 GTMOAuth2Authentication 对象,我可以用它来查询谷歌Analytics(分析)通过的谷歌API客户端。
My app uses Analytics read-only scope to get some data about the user's website(s). The way I accomplish this, is by logging in with the GTMOAuth2ViewControllerTouch ViewController, provided by the Google OAuth2 client for Objective C. It then gives me the valid GTMOAuth2Authentication object, that I can use to query Google Analytics via the Google API client.
现在,我们不希望给用户的谷歌Analytics(分析)访问(有些没有谷歌账户和一般,我们要保持信息通过应用简单)。这意味着我们得到了我们的账户登录(可以访问所有网站的Analytics的数据)。显然,我们不能给我们的用户提供凭据,所以我们必须找到一个解决方案。
Now, we don't want to give the users Google Analytics access (some don't have Google accounts and in general, we want to keep the information simple via the app). This means we got to login with our account (that has access to all the websites' Analytics data). Obviously we can't give our users our credentials, so we had to find a solution for that.
我的计划:
我觉得这个问题可以通过要求从我们的后端(通过SSL加密)我们(离线访问)记号字符串,将其保存到用户的钥匙链,并进一步利用其在应用程序中查询分析来解决。然后,我们让我们的服务的用户登录信息(这样我们才能确定哪些网站的用户可以访问),并显示数据。
I think this problem could be solved by requesting our (offline access) token string from our backend (via SSL encryption), saving it to the user's keychain and use it further in the application to query Analytics. We then let the user login at our service (so we can determine which websites the user has access to), and show the data.
我的问题:
我有搜索无处不在,通过谷歌(非常薄)的文件看,视察了 GTMOAuth2Authentication 源$ C $ C,但我似乎无法绕到我的头问题。在我看来,就不会有这样的解决方案(因为我使用类似的方法在我们的CMS让用户投递到我们的Facebook墙),所以我缺少什么吗?
I have searched everywhere, looked through the (very thin) documentation by Google, inspected the GTMOAuth2Authentication source code, but I cannot seem to wrap my head around the problem. It seems to me there would be a solution like this (because I use a similar approach in our CMS to let a user post to our Facebook wall), so what am I missing here?
当前登录的code:
GTMOAuth2ViewControllerTouch *viewController = [[GTMOAuth2ViewControllerTouch alloc]
initWithScope:scope
clientID:kMyClientID
clientSecret:kMyClientSecret
keychainItemName:kKeychainItemName
completionHandler:
^(GTMOAuth2ViewControllerTouch *viewController, GTMOAuth2Authentication *auth, NSError *error) {
if (error != nil) {
// Authentication failed
DebugLog(@"Failed!");
} else {
// Authentication succeeded
DebugLog(@"Success!");
// Update interface
self.loginButton.hidden = YES;
self.authentication = auth;
}
}];
我曾尝试:
我曾尝试手动创建一个 GTMOAuth2Authentication 对象和所有参数的设置自己(范围,客户端ID,secretid,访问令牌,刷新令牌,callbackuri,凭证网址等) ,但我得到返回401:需要登录错误,当我尝试使用对象查询。所以我想这是不是这样做的方式。
I have tried manually creating a GTMOAuth2Authentication object and setting all the parameters myself (scope, clientid, secretid, access token, refresh token, callbackuri, token url, etc), but I get returned a 401: Login Required error when I try to use the object for queries. So I guess that is not the way to do it.
链接:
- Google OAuth2 client
- Google API objective-c client
感谢您阅读!
推荐答案
您不需要GTMOAuth2Authentication实例。
你需要的是创建你自己的类实现了GTMFetcherAuthorizationProtocol协议,并将其指定为您的授权人。
You don't need a GTMOAuth2Authentication instance. What you need is to create you own class that implement the GTMFetcherAuthorizationProtocol protocol, and assign it as your authorizer.
MyAuth *myAuth = [[MyAuth alloc] initWithAccessToken:accessToken];
googleService.authorizer = myAuth;
本类需要授权的基础上,你已经拥有的访问令牌的请求。
这个类的code应该与此类似。
This class needs to authorize the request based on the access token you already have. The code of this class should be similar to this.
@interface MyAuth : NSObject<GTMFetcherAuthorizationProtocol>
@property (copy, nonatomic) NSString *accessToken;
@property (copy, readonly) NSString *userEmail;
@end
@implementation MyAuth
- (void)authorizeRequest:(NSMutableURLRequest *)request
delegate:(id)delegate
didFinishSelector:(SEL)sel {
if (request) {
NSString *value = [NSString stringWithFormat:@"%s %@", GTM_OAUTH2_BEARER, self.accessToken];
[request setValue:value forHTTPHeaderField:@"Authorization"];
}
NSMethodSignature *sig = [delegate methodSignatureForSelector:sel];
NSInvocation *invocation = [NSInvocation invocationWithMethodSignature:sig];
[invocation setSelector:sel];
[invocation setTarget:delegate];
[invocation setArgument:(__bridge void *)(self) atIndex:2];
[invocation setArgument:&request atIndex:3];
[invocation invoke];
}
- (void)authorizeRequest:(NSMutableURLRequest *)request
completionHandler:(void (^)(NSError *error))handler {
if (request) {
NSString *value = [NSString stringWithFormat:@"%@ %@", @"Bearer", self.accessToken];
[request setValue:value forHTTPHeaderField:@"Authorization"];
}
}
- (BOOL)isAuthorizedRequest:(NSURLRequest *)request {
return NO;
}
- (void)stopAuthorization {
}
- (void)stopAuthorizationForRequest:(NSURLRequest *)request {
}
- (BOOL)isAuthorizingRequest:(NSURLRequest *)request {
return YES;
}
希望它帮助。
这篇关于如何使用谷歌离线访问令牌iOS上在后台进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
