使用OAuth刷新令牌获取新的访问令牌 - Google API
[英]Use OAuth Refresh Token to Obtain New Access Token - Google API
问题描述
My app is simple, it connects to the Google+ API to authenticate the user, and if successful, it retrieves the user's email and then performs a series of operations on a given database based on the email retrieved. 
我的应用很简单,它连接到Google+ API以对用户进行身份验证,如果成功,它会检索用户的电子邮件 ,然后根据检索到的电子邮件对给定数据库执行一系列操作。
My main issue is that every hour, my access token expires, and I seem not to know how to "refresh" it. 我的主要问题是每小时,我的访问令牌都会过期,而我似乎不知道如何“刷新”它。 I get the following error, which I imagine is expected: 我得到以下错误,我想是预期的:
The OAuth 2.0 access token has expired, and a refresh token is not available.
I am currently storing the access token on a database, and I can therefore retrieve if needed. 我目前正在将访问令牌存储在数据库中,因此我可以根据需要进行检索。 My only question is how do I use that token to gain a new one? 我唯一的问题是如何使用该令牌获得新的令牌?
1 个解决方案
解决方案1
16 已采纳 2014-05-27 04:09:44
Whoa, it took me significantly longer to figure this out, and the answers out there seemed quite incomplete to me. 哇,我花了很长时间才弄明白这一点,那里的答案对我来说似乎很不完整。
Before we start please keep in mind that this answer assumes you are using the latest Google API PHP Library , as of May 26th of 2014 . 在开始之前,请记住,此答案假设您使用的是最新的Google API PHP库 ,截至2014年5月26日 。
1 - Make sure the access type your app requests is offline . 1 - 确保您的应用请求的访问类型offline 。 A refresh_token is not provided otherwise. 否则不提供 refresh_token 。 From Google: This field is only present if access_type=offline is included in the authorization code request. 来自Google: 只有在授权代码请求中包含access_type = offline时,才会显示此字段。
$gClient->setAccessType('offline');
2 - Upon the first authorization, persist the provided refresh_token for further access. 2 - 在第一次授权时,保留提供的refresh_token以进一步访问。 This can be done via cookies , database , etc. I chose to store in on a database: 这可以通过cookie , 数据库等完成。我选择存储在数据库中:
$tokens = json_decode($gClient->getAccessToken()); /* Get a JSON object */
setRefreshToken($con, $tokens->refresh_token /* Retrieve form JSON object */);
3 - Check if the AccessToken has expired, and request a refreshed token from Google if such is the case. 3 - 检查AccessToken是否已过期,如果是这种情况,请向Google请求刷新的令牌。
if ($gClient->isAccessTokenExpired()) {
$refreshToken = getRefreshToken($con, $email);
$gClient->refreshToken($refreshToken);
}
Where getRefreshToken is retrieving the previously stored refresh_token from our database, and then we pass that value to the Client's refreshToken method. 其中getRefreshToken从我们的数据库中检索先前存储的refresh_token ,然后我们将该值传递给Client的refreshToken方法。
Quick Note: It's key to remember that if you had previously authorized your app, you probably won't see a refresh_token on the response, since it is only provided the first time we call authenticate . 快速注意:关键是要记住,如果您之前已经授权了您的应用程序,您可能不会在响应中看到refresh_token ,因为它仅在我们第一次调用authenticate 。 Therefore, you can either go to https://www.google.com/settings/security and Revoke Access to your app or you can add the following line when creating the Client object: 因此,您可以访问https://www.google.com/settings/security并撤消对应用的访问权限 ,也可以在创建客户端对象时添加以下行:
$gClient->setApprovalPrompt('force');
From Google: If the value is force, then the user sees a consent page even if they previously gave consent to your application for a given set of scopes. 来自Google: 如果值为force,则用户会看到同意页面,即使他们之前已同意您的应用程序使用一组给定范围。 Which in turn ensures that a refresh_token is provided on each authorization. 这反过来确保在每个授权上提供refresh_token 。
Full Sample Here: http://pastebin.com/jA9sBNTk 完整示例: http : //pastebin.com/jA9sBNTk
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.