Force user to relink his/her account


Problem description



Very simple use case explaining my problem: Given my app asks for a pin for some interactions. Now the user gives me a wrong pin three times. Then, I want to reset his access and force him to re-link his account. I can do this pretty easily in my internal database, but I need a way to tell Google that his currently used token is not valid anymore. Else, Google Assistant resists in sending me the now rejected token.

Update 2018-03-01: With the new built-in intents/events, I also tried sending the actions_intent_SIGN_IN event via the followupEvent attribute, but this only led Google Assistant to recall my API with GOOGLE_ASSISTANT_WELCOME (with the old OAuth token) instead of restarting the sign-in workflow.


Original post

I have a Google Assistant app with Dialogflow, which forces the user to be signed in to use my app. The initial OAuth workflow works and I do get the token in all API calls.

Now I want to force the user to re-run the account linking workflow under certain circumstances. To do so, I remove the OAuth token from my internal database and send exactly this response to the user, which should be equal to an app.askForSignIn() call if you are using the SDK: https://github.com/actions-on-google/actions-on-google-nodejs/blob/fe29016d472eeb1d080e2b575236076e9341199e/test/dialogflow-app-test.js#L1827

But this doesn't work. The assistant does not tell the user to re-run the OAuth linking workflow, and does not delete its stored OAuth token. It doesn't even use its refresh token to get a new access token!

In addition, instead of using the "speech" attribute of my response, the simulator answers with "Sorry, I didn't get any response." - although my simulator is configured to speak German.

(I also tried to leave out several probably unneeded parameters like the contextOut attribute. This results in a different request than the one stated in the official sdk sources, but does not give the desired results either.)

Solution

Dealing with the same issue, I was advised to send a 401 response if you desire to remove the stored DF token. DF does not have an implicit Revoke Token intent.
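
The approach from the answer, sketched as an added example (not code from the original post or from the actions-on-google SDK): the fulfillment revokes the token in its own store after three wrong PINs and answers with HTTP 401 from then on. The request field paths (`originalRequest.data.user.accessToken`, `result.parameters.pin`), the `pin` parameter name, the response body and the in-memory token store are assumptions made for illustration.

```javascript
// Added example. Token store and sample data are constructed; field paths are assumed.
const MAX_PIN_FAILURES = 3;

// Constant-time comparison so the PIN check does not leak how many digits matched.
function safeEqual(a, b) {
  let diff = a.length ^ b.length;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// access token -> linked account state (hypothetical in-memory store)
function createStore() {
  return new Map([['tok-alice-1', { userId: 'alice', pin: '4711', failures: 0 }]]);
}

// Pure handler: takes the parsed webhook body, returns the HTTP status and body to send.
function handleWebhook(body, tokens) {
  const accessToken = body?.originalRequest?.data?.user?.accessToken;
  const session = tokens.get(accessToken);

  // Unknown or already revoked token: reply 401, as the answer advises,
  // so the caller stops treating the stored token as valid.
  if (!session) return { status: 401, body: { error: 'invalid_token' } };

  const pin = String(body?.result?.parameters?.pin ?? '');
  if (safeEqual(pin, session.pin)) {
    session.failures = 0;
    return { status: 200, body: { speech: 'PIN accepted.', displayText: 'PIN accepted.' } };
  }

  session.failures += 1;
  if (session.failures >= MAX_PIN_FAILURES) {
    // Revoke server-side first; a real OAuth server would also invalidate the
    // refresh token here so that a token refresh cannot restore access.
    tokens.delete(accessToken);
    return { status: 401, body: { error: 'invalid_token' } };
  }
  const msg = 'Wrong PIN, please try again.';
  return { status: 200, body: { speech: msg, displayText: msg } };
}
```

Once the token is deleted, even a request carrying the correct PIN gets a 401, so access only returns through a fresh account link.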
