Authorization Code Grant: how can I get an access token when the user is not present?

I would like to ask the user to authorize my application only once and then be able to use his credentials to make DocuSign API calls even when he is not connected to perform automatic operations.

I am currently using Authorization Code Grant, but what can I do to never ask the user to authorize my application again?

An excellent question. Here's an answer:

  1. When using authorization code grant with the user, include scope extended in addition to scope signature.
  2. After the user authenticates and grants consent, your app will receive an access token (good for 8 hours) and a refresh token (good for 30 days).
  3. Then when your app needs to use the DocuSign API, use the access token (whether the user is present or not). If it doesn't work then use the Refresh Operation to obtain a new access token (good for 8 hours) and a new refresh token (good for 30 days from the time of the refresh operation).

Result: Your app will always be able to use either its current access token for the user to do operations on behalf of the user, or will be able to get a new access token for use.

Caveat: Your app will need to use the refresh operation at least once every 30 days, otherwise the refresh token will expire. In that case, the user will need to re-authenticate via your app and the Authorization Code Grant flow.

Corner cases: Since the user can withdraw consent at any time, your app should gracefully handle that case.

Note: Since the refresh token lasts 30 days, you'll want to store it in durable storage (e.g. a DBMS), not just in memory.
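
One way to implement the flow in this answer, as an added example that is not part of the original answer or DocuSign's own code: tokens live in a SQLite table, the rotated refresh token is saved together with the new access token, and a rejected refresh sends the user back through Authorization Code Grant. The table schema, the names `TokenStore`, `get_access_token` and `ReauthorizationRequired`, the caller-supplied `post_token` function, and the use of the standard OAuth 2.0 `invalid_grant` error (RFC 6749) to signal an expired refresh token or withdrawn consent are assumptions; the code also checks the stored expiry time instead of waiting for an API call to fail.

```python
import sqlite3
import time

class ReauthorizationRequired(Exception):
    """Refresh token expired or consent withdrawn: rerun Authorization Code Grant."""

class TokenStore:
    """Per-user token storage in SQLite (hypothetical schema); pass a file path."""
    def __init__(self, path):
        self.db = sqlite3.connect(path)
        self.db.execute("CREATE TABLE IF NOT EXISTS tokens (user_id TEXT PRIMARY KEY,"
                        " access_token TEXT, access_expires REAL, refresh_token TEXT)")

    def save(self, user_id, resp, now):
        # A refresh returns a NEW refresh token; write both tokens in one transaction.
        with self.db:
            self.db.execute("INSERT OR REPLACE INTO tokens VALUES (?,?,?,?)",
                            (user_id, resp["access_token"],
                             now + resp["expires_in"], resp["refresh_token"]))

    def load(self, user_id):
        return self.db.execute("SELECT access_token, access_expires, refresh_token"
                               " FROM tokens WHERE user_id=?", (user_id,)).fetchone()

    def delete(self, user_id):
        with self.db:
            self.db.execute("DELETE FROM tokens WHERE user_id=?", (user_id,))

def get_access_token(store, user_id, post_token, now=None, skew=60):
    """Return a usable access token, refreshing when the stored one is near expiry.

    post_token(form) -> (http_status, json_dict) is supplied by the caller and POSTs
    the form to the token endpoint using the app's client credentials (assumption).
    """
    now = time.time() if now is None else now
    row = store.load(user_id)
    if row is None:
        raise ReauthorizationRequired(user_id)
    access, expires, refresh = row
    if now < expires - skew:
        return access
    status, body = post_token({"grant_type": "refresh_token", "refresh_token": refresh})
    if status == 400 and body.get("error") == "invalid_grant":
        store.delete(user_id)  # dead refresh token: drop it, do not retry
        raise ReauthorizationRequired(user_id)
    if status != 200:
        raise RuntimeError(f"token endpoint returned {status}")  # transient: keep tokens
    store.save(user_id, body, now)
    return body["access_token"]
```

Running `get_access_token` from a scheduled job at least once inside the 30-day window keeps the refresh token alive for users who never log in again.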
