Passport.js OAuth 2.0使用承载
[英]Passport.js OAuth 2.0 to use bearers
问题描述
I'm trying to implement the Google OAuth Passport.js strategy but due to the lack of documentation and examples, I can't seem to able to answer certain questions. 
我正在尝试实施Google OAuth Passport.js策略,但由于缺少文档和示例,我似乎无法回答某些问题。
My application is using bearers rather than cookies for security and technological reasons. 出于安全和技术原因,我的应用程序使用承载而不是cookie。
The single example available on the passport-google-oauth GitHub page doesn't explain certain things like: passport-google-oauth GitHub页面上提供的单个示例并未解释某些内容,例如:
- how a bearer strategy implementation could replace cookies in this scenario ? 在这种情况下,承载策略实施如何取代cookie?
- how do I obtain the expiration time of the Google token ? 如何获取Google令牌的到期时间?
- what should I do with
accessTokenandrefreshToken?我应该怎么做accessToken和refreshToken?
I really don't want to use cookies because that would create a second authorization system that is a duplicate of the bearer strategy already in place. 我真的不想使用cookie,因为这将创建第二个授权系统,该系统与已经存在的承载策略重复。
This question could be applied to other passport OAuth strategies like Twitter and Facebook. 这个问题可以应用于其他护照OAuth策略,如Twitter和Facebook。
1 个解决方案
解决方案1
4 已采纳 2014-09-24 15:59:30
I managed to find all the answers needed in this excellent blog post: 我设法找到了这篇优秀博客文章中所需的所有答案:
http://jeroenpelgrims.com/token-based-sessionless-auth-using-express-and-passport/ http://jeroenpelgrims.com/token-based-sessionless-auth-using-express-and-passport/
and the corresponding source code: 和相应的源代码:
https://bitbucket.org/resurge/sessionless-token-auth-with-express/src/6e94c2ea59591e75b074ff6acc89442065d33007/app.js?at=master https://bitbucket.org/resurge/sessionless-token-auth-with-express/src/6e94c2ea59591e75b074ff6acc89442065d33007/app.js?at=master
Thanks to Jeroen Pelgrims! 感谢Jeroen Pelgrims!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.