令牌已过期或撤销
[英]Token has been expired or revoked
问题描述
I am using google auth to send emails via google api.
我正在使用 google auth 通过 google api 发送电子邮件。 It works fine initially but then I am getting this error after an hour or so.它最初工作正常,但一个小时左右后我收到此错误。
{
"error" : "invalid_grant",
"error_description" : "Token has been expired or revoked."
}
I am using the Google.Apis.Auth.AspNetCore3 .NET nudget package.我正在使用 Google.Apis.Auth.AspNetCore3 .NET nudget 包。 I have this code on Startup.cs file:我在 Startup.cs 文件中有这段代码:
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
})
.AddCookie().AddGoogleOpenIdConnect(options =>
{
var secrets = GoogleClientSecrets.FromFile("google_client_secret.json").Secrets;
options.Scope.Add(GmailService.Scope.GmailSend);
options.Scope.Add(GmailService.Scope.GmailSettingsSharing);
options.Scope.Add(GmailService.Scope.GmailSettingsBasic);
options.ClientId = secrets.ClientId;
options.ClientSecret = secrets.ClientSecret;
options.CallbackPath = new PathString("/signin-google");
});
I am using this code to authenticate:我正在使用此代码进行身份验证:
var authenticationProperties = new AuthenticationProperties()
{
RedirectUri = redirectUri
};
return Challenge(authenticationProperties, GoogleOpenIdConnectDefaults.AuthenticationScheme);
and then the code below for sending the email using google service:然后是下面的代码,用于使用谷歌服务发送电子邮件:
AuthenticateResult authResult = await HttpContext.AuthenticateAsync();
string accessToken = authResult.Properties.GetTokenValue(OpenIdConnectParameterNames.AccessToken);
string refreshToken = authResult.Properties.GetTokenValue(OpenIdConnectParameterNames.RefreshToken);
var secrets = GoogleClientSecrets.FromFile("google_client_secret.json").Secrets;
string googleAuthTokenPath = "GoogleAuthToken";
var token = new TokenResponse { AccessToken = accessToken, RefreshToken = refreshToken };
var credentials = new UserCredential(new GoogleAuthorizationCodeFlow(
new GoogleAuthorizationCodeFlow.Initializer
{
ClientSecrets = secrets,
DataStore = new FileDataStore(googleAuthTokenPath, true),
}),
"user",
token
);
var service = new GmailService(new BaseClientService.Initializer()
{
HttpClientInitializer = credentials,
ApplicationName = "Some app",
});
Event when I try to use credentials.RefreshTokenAsync , I still get the same error.当我尝试使用credentials.RefreshTokenAsync时,我仍然遇到同样的错误。 It happens after an hour or so.它发生在一个小时左右后。 Don't know what's the issue here.不知道这里有什么问题。
1 个解决方案
解决方案1
0 2022-07-07 15:47:24
My understanding is that refreshing is done for you (given the code in your example).我的理解是为您完成了刷新(鉴于您的示例中的代码)。
Check access_type=offline is specified so that a refresh token is provided.指定检查access_type=offline以便提供刷新令牌。 Log/debug whether there is a valid string value for the refresh token when you get it from the properties.当您从属性中获取刷新令牌时,记录/调试是否存在有效的字符串值。
I don't know how to specify the access type in configuration of the Google Open ID Connect middleware, sorry.我不知道如何在 Google Open ID Connect 中间件的配置中指定访问类型,抱歉。 It's probably simple, I just didn't look it up.这可能很简单,我只是没有查到它。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.