[英]Can't refresh Google API token in Rails app
I am trying to work with the Google Calendar API in my Rails(5.2.1) app but am having real trouble with the refresh token--my understanding of which is tenuous at best, even after having gone through quite a bit of documentation. 我正在尝试在Rails(5.2.1)应用程序中使用Google Calendar API,但是在刷新令牌方面确实遇到了麻烦-即使经过大量的文档介绍,我对它的理解充其量也是充斥的。
Here is my code: 这是我的代码:
class CalendarsController < ApplicationController
def authorize
client = Signet::OAuth2::Client.new(client_options)
redirect_to client.authorization_uri.to_s
end
def callback
client = Signet::OAuth2::Client.new(client_options)
client.code = params[:code]
response = client.fetch_access_token!
session[:authorization] = response
redirect_to root_url
end
def get_calendars
client = Signet::OAuth2::Client.new(client_options)
client.update!(session[:authorization])
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)
service = Google::Apis::CalendarV3::CalendarService.new
service.authorization = client
# here is my attempt to refresh
begin
service.list_calendar_lists
rescue Google::Apis::AuthorizationError
response = client.refresh!
session[:authorization] = session[:authorization].merge(response)
retry
end
end
def new
all_calendars = get_calendars.items
@calendar_list = all_calendars.select {|calendar| calendar.access_role=="owner"}
end
def client_options
{
client_id: Rails.application.credentials.web[:client_id],
client_secret: Rails.application.credentials.web[:client_secret],
authorization_uri: 'https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
}
end
end
If I go to the URL that leads to #authorize
I am directed to an OAuth screen and asked for permission to access my calendars. 如果我转到导致
#authorize
的URL,我将被定向到OAuth屏幕,并要求获得访问我的日历的权限。 Once granted, the app works as expected. 获得批准后,该应用程序将按预期运行。 After an hour, the token expires and I can't get it to refresh.
一个小时后,令牌到期,我无法刷新它。 You can see my attempt above: Without that attempt, I get a
Google::Apis::AuthorizationError
. 您可以在上面看到我的尝试:如果没有尝试,我会收到
Google::Apis::AuthorizationError
。 With it, I get "Missing authorization code." 有了它,我得到“缺少授权码”。 I'm totally lost and am having trouble following the documentation.
我完全迷路了,在遵循文档时遇到了麻烦。
The documentation is quite challenging, and the error messages don't help much! 该文档非常具有挑战性,并且错误消息没有太大帮助!
You're not showing the client_options
that are being passed in, and since everything else looks correct - I'm guessing this is where the problem lies. 您没有显示正在传递的
client_options
,并且由于其他所有内容看起来都是正确的-我猜这是问题所在。 Are you setting the access_type
parameter for offline access, so that you can actually refresh the token without the user having to re-authenticate? 您是否将
access_type
参数设置为脱机访问,以便实际上可以刷新令牌而无需用户重新进行身份验证?
From the documentation : 从文档中 :
Set the value to offline if your application needs to refresh access tokens when the user is not present at the browser.
如果您的应用程序在浏览器中不存在用户时需要刷新访问令牌,则将该值设置为offline。 This is the method of refreshing access tokens described later in this document.
这是刷新访问令牌的方法,将在本文档后面部分介绍。 This value instructs the Google authorization server to return a refresh token and an access token the first time that your application exchanges an authorization code for tokens.
此值指示Google授权服务器在您的应用程序第一次将授权代码交换为令牌时返回刷新令牌和访问令牌。
You can do this in the authorization_uri
. 您可以在
authorization_uri
执行此操作。 For example: 例如:
client = Signet::OAuth2::Client.new({
client_id: ...,
client_secret: ...,
authorization_uri: "https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent",
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
})
Or when calling update!
或在致电
update!
: :
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.