[英]Auth0 Lock - Google oauth2 unable to get refresh_token
I'm using Auth0 Lock with the google-oauth2
connection and I need to get a refresh_token
because I need to make API calls from the server-side when the user is offline. 我正在使用Auth0 Lock和
google-oauth2
连接,并且需要获取refresh_token
因为当用户离线时,我需要从服务器端进行API调用。
I'm following their guide but it's not working, refreshToken
is always undefined
. 我正在遵循他们的指南,但无法正常工作,
refreshToken
始终是undefined
。
Using http://cdn.auth0.com/js/lock/10.7.2/lock.min.js
使用
http://cdn.auth0.com/js/lock/10.7.2/lock.min.js
this.lock = new Auth0Lock('...', 'xxx.eu.auth0.com', {
initialScreen:'login',
allowedConnections: ['google-oauth2'],
allowSignUp: false,
auth: {
redirect: false,
responseType: "token",
params: {
'access_type': 'offline',
'approval_prompt': 'force',
},
},
autoclose: true
});
Tried also with params
'approval_prompt': 'force'
or 'prompt': 'select_account consent'
还尝试了以下
params
'approval_prompt': 'force'
或'prompt': 'select_account consent'
Instructions here: https://github.com/auth0/rules/blob/master/rules/google-refresh-token.md 此处的说明: https : //github.com/auth0/rules/blob/master/rules/google-refresh-token.md
That rule is wrong. 那条规则是错误的。 IdP
access_tokens
are available through the management API. 可通过管理API使用IdP
access_tokens
。 See this endpoint: https://auth0.com/docs/api/management/v2#!/Users/get_users_by_id 查看此端点: https : //auth0.com/docs/api/management/v2#!/ Users/ get_users_by_id
A special scope is required ( read:user_idp_tokens
). 需要一个特殊的范围(
read:user_idp_tokens
)。
This is because IdP tokens are sensitive artifacts, so Auth0 puts an extra layer of security to obtain them. 这是因为IdP令牌是敏感工件,因此Auth0为获得它们提供了额外的安全性。
You can of course call the API from a rule, but we'd likely advise against it and instead have your backend act on behalf of your (front-end) app.
您当然可以从规则中调用API,但是我们可能会建议您不要使用它,而是让您的后端代表您的(前端)应用执行操作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.