[英]Dealing with expired auth token android account manager
每当我需要使用来自AccountManager
的Google身份验证令牌发出请求时,我是否应该无效并请求新令牌,或者我是否有“过期时间”时间戳,以查看它是否仍然有效。
There is no expiry time provided in the HTTP response from the Google service, so I think you need to ensure that if the auth-token fails to provide access, you use that as the trigger to get a new auth token. Google服务的HTTP响应中没有提供到期时间,因此我认为您需要确保如果auth-token无法提供访问权限,您可以将其用作获取新身份验证令牌的触发器。 Or you could acquire a new token each time the application starts, or create your own timeout.
或者,您可以在每次应用程序启动时获取新令牌,也可以创建自己的超时。
http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html http://code.google.com/apis/accounts/docs/AuthForInstalledApps.html
Looking at the HTTP response, the status code is 302 (it's redirecting you to provide auth token) and the "Set-Cookie" field in the header is not present . 查看HTTP响应,状态代码为302(它重定向您以提供身份验证令牌),并且标头中的“Set-Cookie”字段不存在 。 You could key off that.
你可以关键那个。
if (res.getStatusLine().getStatusCode() == 302 && res.getHeaders("Set-Cookie").length == 0) {
// we need a new token
// invalidate account manager logic here
}
Failing to get that cookie from Google seems to signify it's time to grab a new token from AccountManager. 未能从Google获取该Cookie似乎表明是时候从AccountManager获取新令牌了。
As there is no accepted answer yet: I do it by firing my requests in a try block, then catching any exceptions and check if it's a 401 with if (e.getMessage().equals("401 Unauthorized")) { ... }
. 因为还没有接受的答案:我通过在try块中触发我的请求,然后捕获任何异常并检查它是否为401
if (e.getMessage().equals("401 Unauthorized")) { ... }
。 Then, invalidate the auth token, request a new one and retry the request. 然后,使auth令牌无效,请求新令牌并重试该请求。
You need to call invalidateAuthToken(String, String) when you know the token has expired. 当您知道令牌已过期时,需要调用invalidateAuthToken(String,String) 。 ie when the request fails with an authentication error.
即当请求因验证错误而失败时。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.