How can I refresh an OAuth2 token? Do I need to wait for the token to expire? (Patreon API)

I'm trying out OAuth using Patreon's API. I'm very new to the OAuth process and had been using Patreon's JavaScript package to help manage the request for me.

So far I've been able to successfully get the token via:

import * as patreon from 'patreon';
const patreonOAuthClient = patreon.oauth(clientId, clientSecret);
patreonOAuthClient.getTokens(oauthGrantCode, redirectURL).then((tokenResponse) => {
    console.log(tokenResponse);
});

The token I receive comes out like this:

// Example Token from getTokens()'s then()-response
tokenResponse = {
    access_token: "UbHYT3H51GpeYueBeBuvBj1fnEFzv5A5870s_rYeMHo",
    expires_in: 2678400,
    refresh_token: "AP5aAw-gJbVf35tWxQb74rmJJz2MhwIYq660m0jiZQ4",
    scope: "my-campaign pledges-to-me users",
    token_type: "Bearer",
    version: "0.0.1"
}

In my local server, I'm trying to get the refresh token to work so I don't have to keep asking users' permission every month.

Although when I use the refresh token method I get a 400 Bad Request:

patreonOAuthClient.refreshToken(tokenResponse).then(response => {
      console.log(response, 'success!');
}).catch(err => {
      console.log(err, ':(');
});

It's not shown in the npm documentation but you can find refreshToken() in the GitHub source code of patreon.

According to their API documents:

If you wish to get up-to-date information after the token has expired, a new token may be issued to be used for the following month. To refresh a token, make a POST request to the token endpoint with a grant type of refresh_token, as in the example. You may also manually refresh the token on the appropriate client in your clients page.

So is the reason I'm getting 400 because I need to wait a month to refresh the token or am I just incorrectly implementing the API? I'm hoping someone with more OAuth experience can tell me if we should be doing token refreshes either before or after the token expires?

(If you refresh it before it expires, is there a certain way to time an express server to do it before the month expires? As I think adding a timeout for each token would be really bad for memory.)

I finally got the SDK working. I was under the impression from the source code that the token was the object received from the response. But it turns out that the token is the string value.

So:

// Using tokenResponse.refresh_token instead of just tokenResponse
patreonOAuthClient.refreshToken(tokenResponse.refresh_token).then(response => {
      console.log(response, 'success!');
}).catch(err => {
      console.log(err, ':(');
});
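
On the question's worry about one timer per token: the usual alternative is to store an absolute expiry time and refresh lazily when a token is about to be used. The sketch below is an added example, not code from the original post or from the patreon package; `TokenStore`, `refreshFn` and `SKEW_MS` are hypothetical names, and `refreshFn` stands in for `patreonOAuthClient.refreshToken` called with the refresh_token string.

```javascript
// Refresh lazily when a token is needed, instead of keeping one timer per token.
// refreshFn is a hypothetical stand-in for patreonOAuthClient.refreshToken(string).
const SKEW_MS = 5 * 60 * 1000; // assumed safety margin before the stated expiry

// Convert a token response into a record with an absolute expiry timestamp.
function toRecord(tokenResponse, nowMs) {
  return {
    accessToken: tokenResponse.access_token,
    refreshToken: tokenResponse.refresh_token,
    expiresAt: nowMs + tokenResponse.expires_in * 1000, // expires_in is in seconds
  };
}

function needsRefresh(record, nowMs) {
  return nowMs >= record.expiresAt - SKEW_MS;
}

class TokenStore {
  constructor(refreshFn, now = Date.now) {
    this.refreshFn = refreshFn;
    this.now = now;
    this.records = new Map();  // userId -> record; persist this in a real server
    this.inFlight = new Map(); // userId -> pending refresh promise
  }

  save(userId, tokenResponse) {
    this.records.set(userId, toRecord(tokenResponse, this.now()));
  }

  async getAccessToken(userId) {
    const record = this.records.get(userId);
    if (!record) throw new Error('no tokens stored for ' + userId);
    if (!needsRefresh(record, this.now())) return record.accessToken;
    // Single-flight: concurrent callers share one refresh, so the same refresh
    // token is not submitted twice (matters if the server rotates refresh tokens).
    if (!this.inFlight.has(userId)) {
      const pending = Promise.resolve(this.refreshFn(record.refreshToken))
        .then((fresh) => {
          // Store the new pair; keep the old refresh token if none was returned.
          const refresh_token = fresh.refresh_token || record.refreshToken;
          this.save(userId, { ...fresh, refresh_token });
          return fresh.access_token;
        })
        .finally(() => this.inFlight.delete(userId));
      this.inFlight.set(userId, pending);
    }
    return this.inFlight.get(userId);
  }
}
```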
