Google云端硬盘实时API OAuth2刷新错误 [英] Google Drive Realtime API OAuth2 Refresh Errors
问题描述
当页面第一次打开时,它成功地请求了一个OAuth令牌,加载实时文档[A]。 50分钟后(令牌到期前10分钟),它会成功重新申请一个新的OAuth令牌[B]。第一个令牌过期后,当前打开的连接会获得401未经授权的错误,并需要新的oauth令牌[C]。这本身似乎是一个问题,因为它应该已经更新自己以使用来自[B]的新有效标记。
然而,应用程序仍然应该对如发生这种情况 - 因此通过关闭并重新打开文档[D]并获取另一个新的OAuth令牌来处理。不幸的是,在这一点上,实时API处于无限循环中,导致access_token [E]出错。所有OAuth令牌都是使用gapi.auth.authorize具有相同的范围并且没有对setToken的调用。我以前尝试过使用setToken,但这也有完全相同的问题。
实际问题
处理的正确方法是什么刷新实时API的OAuth令牌?在关闭和重新打开文档时,如何防止驱动器API内部出现重复故障?
[A]
_aa :1
access_token:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXz9AYBkyympssqI
client_id:XXXXXXXXXXXXXXXX.apps.googleusercontent.com
cookie_policy:undefined
expires_at:1373610287
expires_in: 3600
g_user_cookie_policy:未定义
issued_at: 1373606687
RESPONSE_TYPE: 令牌
范围:数组[2]
状态:
token_type: 载体
[b]
_aa: 1
的access_token: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXV2kzG4EMUppi
CLIENT_ID: XXXXXXXXXXXXXX.apps.googleusercontent.com
cookie_policy:未定义
expires_at: 1373613288
expires_in: 3600
g_user_cookie_policy:未定义
issued_at: 1373609688
RESPONSE_TYPE: 令牌
scope:Array [2]
state:
token_type:持票人
[C]
GET https://drive.google。 COM / otservice /绑定ID = 1B-XXXXXXXXXXXXXXXXXXXXX_nRizfqmT ...&安培; RID = RPC&安培; SID = XXXXXXXXXXXXXXXXX&安培; CI = 0&安培; AID = 221安培; TYPE = XMLHTTP&安培; ZX = ns6e5dr7rf4& T公司= 1 401(未授权)
变频器实时API错误:token_refresh_required:必须刷新OAuth令牌。
[d]
[关闭实时文档]
[打开实时文档]
_aa: 1
的access_token:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXMHzJXm2dF -
CLIENT_ID: XXXXXXXXXXXXXX.apps.googleusercontent.com
cookie_policy:未定义
expires_at: 1373613918
expires_in: 3600
g_user_cookie_policy:未定义
issued_at:1373610318
response_type:token
scope:Array [2]
state:
token_type:承载者
$ {
$ [$ 100]
$ [$ 100]未读取TypeError:无法读取零的属性'o'
p>感谢!
我看了一下你的问题,我认为你对这两个主要问题是正确的。 / p>
- 刷新的代币不会被API自动提取。 关闭并重新打开文档代码定期不能读取'null'属性'错误。
关于问题1,我们pi每次保存更改时都会刷新刷新的令牌,并且每当服务器到客户端连接不健康(例如, 401错误后)。这显然不包含的情况是,您提前刷新标记并且文档没有任何更改。在这种情况下,即使您已经更新了令牌,也会看到401。我正在为此问题修复此问题,该连接状况良好时,将每30秒选取一次刷新的令牌。最终,我们希望将这个事件驱动为使得令牌立即被拾取,但是涉及更多,因为它需要更改gapi.auth。
关于问题2,根据我的测试,似乎定期错误是虚假的(内部我们仍然试图刷新旧文档的标记,即使文档已关闭,这就是为什么您会得到无法读取属性错误)。我正在为此修复一个问题,但您仍应该能够重新加载文档(尽管您会看到很多旧文档的垃圾错误)。请让我知道,如果不是这种情况,你真的不能重新加载文件。我应该注意,你应该不需要重新加载文件,当你得到令牌刷新错误。这通过传递给您的错误处理程序的gapi.drive.realtime.Error对象的isFatal属性为false来指示,这表示错误是可恢复的。针对token_refresh_required错误的建议响应是刷新令牌 - 网络服务应自动追赶。如果这不起作用,请随时告诉我,因为它是一个错误。
< - > - Brian(实时API开发人员)
Over the last couple days I've been seeing some increasingly problematic issues with a long running realtime app. I've walked through the steps below and the code snippet at the bottom contains additional debug info from the app.
When the page first opens it successfully requests an OAuth token and loads the realtime doc [A]. After 50 minutes (10 minutes before the token expires) it re-requests a new OAuth token successfully [B]. After the first token has expired the currently open connection gets a 401 unauthorized error and requires a new oauth token [C]. This in itself seems like a problem as it should have updated itself to use the new valid token from [B].
However the app should still be resilient to an error like this occurring - so it gets handled by closing and reopening the doc [D] and getting another new OAuth token. Unfortunately at this point, the realtime API sits in an infinite loop getting errors for the access_token [E].
All of the OAuth tokens are requested using gapi.auth.authorize with the same scopes and no call to setToken. I previously tried using setToken, but that had exactly the same problems.
Actual Questions What is the correct way to deal with refreshing the OAuth token for the realtime API? How can I prevent repeated failures internal to the drive APIs when closing and reopening a doc?
[A]
_aa: "1"
access_token: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXz9AYBkyympssqI"
client_id: "XXXXXXXXXXXXXXXX.apps.googleusercontent.com"
cookie_policy: undefined
expires_at: "1373610287"
expires_in: "3600"
g_user_cookie_policy: undefined
issued_at: "1373606687"
response_type: "token"
scope: Array[2]
state: ""
token_type: "Bearer"
[B]
_aa: "1"
access_token: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXV2kzG4EMUppi"
client_id: "XXXXXXXXXXXXXX.apps.googleusercontent.com"
cookie_policy: undefined
expires_at: "1373613288"
expires_in: "3600"
g_user_cookie_policy: undefined
issued_at: "1373609688"
response_type: "token"
scope: Array[2]
state: ""
token_type: "Bearer"
[C]
GET https://drive.google.com/otservice/bind?id=1B-XXXXXXXXXXXXXXXXXXXXX_nRizfqmT…&RID=rpc&SID=XXXXXXXXXXXXXXXXX&CI=0&AID=221&TYPE=xmlhttp&zx=ns6e5dr7rf4&t=1 401 (Unauthorized)
Drive Realtime API Error: token_refresh_required: The OAuth token must be refreshed.
[D]
[Close Realtime Document]
[Open Realtime Document]
_aa: "1"
access_token: "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXMHzJXm2dF-"
client_id: "XXXXXXXXXXXXXX.apps.googleusercontent.com"
cookie_policy: undefined
expires_at: "1373613918"
expires_in: "3600"
g_user_cookie_policy: undefined
issued_at: "1373610318"
response_type: "token"
scope: Array[2]
state: ""
token_type: "Bearer"
[E]
[x100] Uncaught TypeError: Cannot read property 'o' of null
Thanks!
I took a look at your issue and I think you're correct about the two main issues.
- Refreshed tokens aren't automatically picked up by the API.
- Closing and reopening a document leads to periodic "Cannot read property 'o' of null" errors.
Regarding issue 1, we pick up a refreshed token any time a change is saved and also every second while the server to client connection is unhealthy (e.g. after a 401 error). What this obviously doesn't cover is the case where you refresh the token early and there isn't any change to the document. In this case, you'll see a 401 even though you already updated the token. I'm working on a fix for this issue that will pick up the refreshed token every 30 seconds while the connection is healthy. Ultimately we would like to have this be event driven so that the token is picked up immediately, but that is somewhat more involved because it will require changes to gapi.auth.
Regarding issue 2, based on my testing it appears that the periodic error is spurious (internally we're still trying to refresh the token for the old document even though the document has been closed, which is why you get the 'Cannot read property' error). I'm working on a fix for this as well, but you should still be able to reload the document (although you will see lots of garbage errors for the old document). Please let me know if this isn't the case and you really can't reload the document.
I should note that you should not need to reload the document when you get a token refresh error. This is indicated by the fact that the isFatal property of the gapi.drive.realtime.Error object passed to your error handler is false, which indicates that the error is recoverable. The suggested response for a token_refresh_required error is to refresh the token - the network service should catch up automatically. If that doesn't work, please feel free to let me know as it is a bug.
-- Brian (Realtime API Developer)
这篇关于Google云端硬盘实时API OAuth2刷新错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
