[英]Authenticate with Google on the web (javascript), consume on the server (.NET)
We have a web server using Google Sign-In to authenticater and authorize for API access (Classroom). 我们有一个使用Google登录功能进行身份验证和授权进行API访问的网络服务器(教室)。 We need the sign-in part, so we're using
init()
and signIn()
. 我们需要登录部分,因此我们使用
init()
和signIn()
。 We cannot use authorise()
. 我们不能使用
authorise()
。 Also, we're not signin in with particular scopes, as we just need identify for normal usage. 另外,我们不使用特定范围登录,因为我们只需要标识正常使用情况即可。
The logged-in user can enable a feature that requires offline access on behalf of his/her account to the Google Classrom API. 登录的用户可以启用一项功能,该功能需要代表他/她的帐户脱机访问Google Classrom API。 We call
grantOfflineAccess()
with two scopes related to Classroom to get an authentication code, which is stored for later. 我们使用与Classroom有关的两个范围调用
grantOfflineAccess()
来获取身份验证代码,该代码将存储以供以后使用。
On the server side, we have a gRPC service that doesn't expose any web front-end. 在服务器端,我们有一个gRPC服务,它不公开任何Web前端。 We're using C#/.NET with the Google API Client libraries .
我们正在将C#/。NET与Google API客户端库配合使用 。
I implemented an IDataStore
that can respond to TokenResponse
requests by either calling AuthorizationCodeFlow.ExchangeCodeForTokenAsync with the above code, or return the last TokenResponse
stored in the database. 我实现了一个
IDataStore
,它可以通过使用上述代码调用AuthorizationCodeFlow.ExchangeCodeForTokenAsync来响应TokenResponse
请求,或者返回存储在数据库中的最后一个TokenResponse
。 When (well, "if") IDataStore.StoreAsync
is called with a new version (normally after a token refresh was required), it saves it again in the database. 当使用新版本(通常在需要刷新令牌之后)调用(如果是)时,通常将
IDataStore.StoreAsync
保存在数据库中。
My problem is that ExchangeCodeForTokenAsync
returns me a TokenResponse
without a refresh_token
. 我的问题是
ExchangeCodeForTokenAsync
返回我TokenResponse
没有refresh_token
。 This means the access_token
is only valid for 60 minutes. 这意味着
access_token
仅在60分钟内有效。 I would need to intercept exceptions at the service call level to call ExchangeCodeForTokenAsync
again (if that works!), instead of relying on the Google API Client Library handling refreshing automatically all nicely. 我需要在服务调用级别拦截异常,以再次调用
ExchangeCodeForTokenAsync
(如果可行!),而不是依靠Google API客户端库来自动处理所有刷新。
What could be preventing ExchangeCodeForTokenAsync
from returning me a refresh_token
? 是什么可以阻止
ExchangeCodeForTokenAsync
向我返回refresh_token
?
Thanks. 谢谢。
Well, I found the answer in this other question . 好吧,我在另一个问题中找到了答案。
The refresh_token is only provided on the first authorization from the user.
仅在用户的首次授权下提供refresh_token。 Subsequent authorizations, such as the kind you make while testing an OAuth2 integration, will not return the refresh_token again.
后续授权(例如您在测试OAuth2集成时所做的授权)将不会再次返回refresh_token。 :)
:)
I simply removed my app from my Google account's authorized apps, and my next ExchangeCodeForTokenAsync
call returned me a refresh_token
. 我只是从我的Google帐户的授权应用程序中删除了我的应用程序,而我的下一个
ExchangeCodeForTokenAsync
调用向我返回了refresh_token
。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.