使用passport.js返回的访问令牌的正确方法是什么?
[英]What is the proper way to use an access token returned by passport.js?
问题描述
I'm trying to understand how to use oauth2 in a pet project. 
我试图了解如何在宠物项目中使用oauth2。 I understand how passport.js uses the middleware passport.authenticate('google'...) to make sure that a user is authorized and I understand that the access token, refresh token, and profile are returned. 我了解passport.js如何使用中间件passport.authenticate('google'...)来确保用户已获得授权,并且我了解返回了访问令牌,刷新令牌和配置文件。 However, how would I use the access token properly? 但是,如何正确使用访问令牌? When I get the access token, then I know that a user has been successfully authenticated and I have the scope information which is in profile. 当我获得访问令牌时,便知道用户已成功通过身份验证,并且拥有配置文件中的范围信息。 But then I'm just confused as to what I would need the accesstoken for now that I have it. 但是后来我对现在已经拥有的访问令牌感到困惑。
1 个解决方案
解决方案1
0 已采纳 2019-09-05 14:24:18
https://developers.google.com/google-ads/api/docs/concepts/curl-example https://developers.google.com/google-ads/api/docs/concepts/curl-example
Is helpful. 有帮助。 I don't believe that passport.js will do it for us. 我不相信passport.js会为我们做到这一点。
To further clarify for future: Just use the access token in a header and send it as an option to request. 要进一步说明,请执行以下操作:只需在标头中使用访问令牌,并将其作为请求的选项发送即可。
const opt = {
url: 'some/protected/api',
headers: {
Authorization: `Bearer ${accessToken}`
},
};
request.get(opt, (err, response, body) => {
...
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.