无法在Rails应用中刷新Google API令牌
[英]Can't refresh Google API token in Rails app
问题描述
I am trying to work with the Google Calendar API in my Rails(5.2.1) app but am having real trouble with the refresh token--my understanding of which is tenuous at best, even after having gone through quite a bit of documentation. 
我正在尝试在Rails(5.2.1)应用程序中使用Google Calendar API,但是在刷新令牌方面确实遇到了麻烦-即使经过大量的文档介绍,我对它的理解充其量也是充斥的。
Here is my code: 这是我的代码:
class CalendarsController < ApplicationController
def authorize
client = Signet::OAuth2::Client.new(client_options)
redirect_to client.authorization_uri.to_s
end
def callback
client = Signet::OAuth2::Client.new(client_options)
client.code = params[:code]
response = client.fetch_access_token!
session[:authorization] = response
redirect_to root_url
end
def get_calendars
client = Signet::OAuth2::Client.new(client_options)
client.update!(session[:authorization])
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)
service = Google::Apis::CalendarV3::CalendarService.new
service.authorization = client
# here is my attempt to refresh
begin
service.list_calendar_lists
rescue Google::Apis::AuthorizationError
response = client.refresh!
session[:authorization] = session[:authorization].merge(response)
retry
end
end
def new
all_calendars = get_calendars.items
@calendar_list = all_calendars.select {|calendar| calendar.access_role=="owner"}
end
def client_options
{
client_id: Rails.application.credentials.web[:client_id],
client_secret: Rails.application.credentials.web[:client_secret],
authorization_uri: 'https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent',
token_credential_uri: 'https://accounts.google.com/o/oauth2/token',
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
}
end
end
If I go to the URL that leads to #authorize I am directed to an OAuth screen and asked for permission to access my calendars. 如果我转到导致#authorize的URL,我将被定向到OAuth屏幕,并要求获得访问我的日历的权限。 Once granted, the app works as expected. 获得批准后,该应用程序将按预期运行。 After an hour, the token expires and I can't get it to refresh. 一个小时后,令牌到期,我无法刷新它。 You can see my attempt above: Without that attempt, I get a Google::Apis::AuthorizationError . 您可以在上面看到我的尝试:如果没有尝试,我会收到Google::Apis::AuthorizationError 。 With it, I get "Missing authorization code." 有了它,我得到“缺少授权码”。 I'm totally lost and am having trouble following the documentation. 我完全迷路了,在遵循文档时遇到了麻烦。
1 个解决方案
解决方案1
1 2018-08-14 21:03:17
The documentation is quite challenging, and the error messages don't help much! 该文档非常具有挑战性,并且错误消息没有太大帮助!
You're not showing the client_options that are being passed in, and since everything else looks correct - I'm guessing this is where the problem lies. 您没有显示正在传递的client_options ,并且由于其他所有内容看起来都是正确的-我猜这是问题所在。 Are you setting the access_type parameter for offline access, so that you can actually refresh the token without the user having to re-authenticate? 您是否将access_type参数设置为脱机访问,以便实际上可以刷新令牌而无需用户重新进行身份验证?
From the documentation : 从文档中 :
Set the value to offline if your application needs to refresh access tokens when the user is not present at the browser.
You can do this in the authorization_uri . 您可以在authorization_uri执行此操作。 For example: 例如:
client = Signet::OAuth2::Client.new({
client_id: ...,
client_secret: ...,
authorization_uri: "https://accounts.google.com/o/oauth2/auth?access_type=offline&prompt=consent",
scope: Google::Apis::CalendarV3::AUTH_CALENDAR,
redirect_uri: callback_url
})
Or when calling update! 或在致电update! : :
client.update!(
additional_parameters: {
access_type: 'offline',
prompt: 'consent'
}
)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.