OAuth v2 (Google API) 过期访问令牌 [英] OAuth v2 (Google API) expiry Access Token
问题描述
我正在使用具有预构建 OAuth2 连接器的图形框架构建集成组件.此框架需要 OAuth v2 的以下字段:
I am building an integration component using a graphical framework who has a pre-build OAuth2 connector. This framework required following fields for OAuth v2:
- 资助类型
- 范围
- 身份验证服务器 URL
- 客户 ID
- 客户机密
- 访问令牌
- 刷新令牌
我需要从 Google Analytics API 获取数据,所以我去了 Google Dev Console(https://console.developers.google.com/project/927890000889/apiui/证书).我生成了一个Web 应用程序的客户端 ID".从这个对象的参数我能够填充上面的一些参数
I need to get data from Google Analytics API, so I went to Google Dev Console (https://console.developers.google.com/project/927890000889/apiui/credential). I generated a 'Client ID for web application'. From the parameter of this object I was able to fill some of the parameters above
- 授权类型:'authorisation_code'
- 客户端 ID:'RANDOMCHARSam5o37nsiu730d.apps.googleusercontent.com'
- 客户端密码:'RANDOMCHARSiSwBA5OH5qYLUa'
然后使用 Google Oauth Playground (https://developers.google.com/oauthplayground)能够填补缺失的位
Then using Google Oauth Playground (https://developers.google.com/oauthplayground) I was able to fill the missing bits
- 范围:'https://www.googleapis.com/oauth/analytics'
- 身份验证服务器网址:'https://accounts.google.com/o/oauth2/auth'
- 访问令牌:'RANDOMCHARSQAQv4HRF5-JsQEzUS61lj2YremyCocv0PQ4-agpzJe'
- 刷新令牌:'RANDOMCHARSLPJnL4FPaDc2KP6V8kCzjjHO2Kj4Np_3X0'
一切正常,我被授权访问并从 Google Analytics 获取数据,但有一段时间,如果我重试,我会在几分钟后收到授权失败错误.我认为问题与访问令牌到期有关,但我不知道如何解决.值得一提的是,这个活动是批量的(没有人工交互),所以没有人可以请求新的访问令牌.集成框架不可扩展(我无法编写代码来更新代码),所以我相信有一种方法可以获得永不过期的访问令牌或其他一些机制来实现相同的结果.
Everything works fine, I am authorised to access and I get data from Google Analytics, but just for a while, after few minutes if I retry I receive an authorisation failure error. I believe that the problem is related to the expiration of the Access Token, but I don't know how to solve that. Worth to mention that this activity it's batch (no human interaction), so nobody can request a new access token. The integration framework is not extensible (I cannot write code to renew the code) so I believe there's a way to get a access token that never expire or some other mechanism to achieve the same result.
最重要的是,我不确定我是否从一开始就正确处理了要求(Web 应用程序的客户端 ID).
Bottom line, I am not sure if I approached the requirement correctly since the beginning (Client ID for web application).
非常感谢任何帮助,乔瓦尼
Any help is much appreciated, Giovanni
推荐答案
访问令牌通常会在 60 分钟后过期.如果您有刷新令牌,则可以使用刷新令牌获取新的(有效)访问令牌.
Access tokens typically expire after 60 minutes. If you have a refresh token you can use the refresh token to get a new (valid) access token.
本文档解释了如何做到这一点:
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
This doc explains how to do that:
https://developers.google.com/accounts/docs/OAuth2WebServer#refresh
为了回答您的首要问题,是的,您正确地处理了所有问题.您需要做的就是通过刷新访问令牌来处理访问令牌已过期的情况.此外,当您最初请求访问令牌时,响应应该告诉您它的有效期有多长,因此您应该只在令牌过期时刷新该令牌.
To answer your overarching question, yes, you are approaching everything correctly. All you need to do is handle the case where the access token has expired by refreshing it. Also, when you originally requested the access token the response should tell you how long it's valid for, so you should only refresh that token if it's expired.
这篇关于OAuth v2 (Google API) 过期访问令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
