从短命的生成长期访问令牌? [英] Generate long-lived access token from short-lived one?
问题描述
我们的应用使用通常的短期访问+刷新令牌为用户提供一系列后台服务。这意味着现在和现在的服务都需要刷新令牌。
我们遇到了两个服务试图同时刷新令牌的问题,从而导致一个无效的令牌。
有没有更好的方法来生成一个不需要每小时刷新的可用访问令牌?$ b $为什么从刷新标记中生成更多的访问标记会导致错误,因此没有理由不这样做。从刷新令牌生成新的访问令牌时,现有的非过期访问令牌不会失效。
请检查您的代码是否有错误。
也无法生成长期存取令牌。你问的是如何oauth1 / clientlogin用于工作(他们过了2周而不是1小时)。在oauth2中,没有长期存取令牌这样的事情。
Our app uses the usual short-lived access + refresh tokens to do a bunch of background services for users. This means that every now and then the services need to refresh the tokens.
We've run into an issue where 2 services try to refresh a token at the same time, thus resulting in an invalid token.
Is there a better way to generate a usable access token that doesn't require a refresh every hour?
there is no reason why generating more access tokens from refresh tokens would cause an error.
existing non-expired access tokens are not invalidated when a new one is produced from the refresh token.
check your code for errors there.
also there is no way to generate a long lived access token. what you ask is how oauth1/clientlogin used to work (they expired after 2 weeks instead of 1 hour). in oauth2 there is no such thing as a long lived access token.
这篇关于从短命的生成长期访问令牌?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!