从扩展中获取OAuth令牌的不同方式? [英] Different ways to fetch OAuth token from an extension?
问题描述
getAuthToken()
方法。很棒。但对于非Google帐户不起作用。 2。 chrome.identity.launchWebAuthFlow():适用于Google和非Google帐户。但重启chrome之后,如果调用 launchWebAuthFlow()
,它会再次请求登录。这是令人讨厌的。
我想要实现的是将两者的功能结合在一起:
从Google帐户和非Google帐户中获取OAuth令牌。
如果有人知道如何使用 chrome.identity.launchWebAuthFlow ()
实现相同或任何其他方法??
OAuth提供程序将返回某种可重复使用的访问令牌,可以在后续登录中重新使用。通常这些是非常长寿的。例如,dropbox在responseUrl(在Web流的回调中)中返回一个访问令牌,匹配正则表达式模式 / access_token =([^&] +)/
。
您可以将此令牌存储在本地存储
a>并在随后的尝试中访问它,而不必再次通过验证流程。授权令牌并不总是永远活着(或者他们可以手动授权),所以您必须小心401响应代码,并且执行web认证流程如果发生这种情况再次发生。
逻辑结尾非常复杂,例如:
- 获取存储的令牌
- 如果没有存储的令牌,则启动web流并将auth令牌保存在本地存储中 使用存储的令牌
- 如果401,则重做授权流程并重试操作
I know only two ways to get google OAuth token :
1. chrome.identity.getAuthToken() : Fetches token associated with chrome account. After restarting chrome, I can call getAuthToken()
method without logging. Works great. But doesn't work for non - google account.
2. chrome.identity.launchWebAuthFlow() : Works both for google and non- google account. But after restarting chrome, if call launchWebAuthFlow()
, it asks for login again. It is annoying.
What I want to achieve is to combine the functionalities of both :
Fetch OAuth token from both google and non-google account. And after restarting chrome, I can fetch token again without signing in.
If anyone knows how to use chrome.identity.launchWebAuthFlow()
to achieve the same or any other method??
OAuth providers will return some sort of reusable access token, which can be re-used on subsequent logins. Usually these are very long-lived. For example, dropbox returns an access token in the responseUrl (in the callback from the web flow), matching a regex pattern /access_token=([^&]+)/
.
You can store this token in local storage and access it on subsequent attempts without going through the auth flow again.
The auth tokens don't always live forever (or they could be manually deauthorized), so you have to watch out for 401 response code, and do the web auth flow again if that occurs.
Logic ends up quite complex, something like:
- Get stored token
- If no stored token, then launch web flow and save auth token in local storage
- Try some operation using the stored token
- if 401, then redo auth flow and retry operation
这篇关于从扩展中获取OAuth令牌的不同方式?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!