Get an oauth access token from refresh token in passportjs
Question
To determine when to use a refresh token to ask for a new access token, I'm aware of two approaches (below). Are either of these approaches possible without modifying the passport-google-oauth library?
1) The "pre-emptive" method
- Save the access token's expiry time when its granted
- Check the expiry time against the current time whenever using an access token to access the API
- If the access token is not expired, use it to access the API
- If the access token is expired (or close to being expired), supply the refresh token to get a new access token
2) The "handle failure" method
- Always supply access token
- If the access token fails to authenticate, supply the refresh token, get a new access token
Thanks. Also welcome any alternatives.
2 answers
solution1
6 2014-11-16 09:36:43
我写了一个插件,使处理这个更容易: https : //github.com/fiznool/passport-oauth2-refresh
solution2
5 ACCPTED 2013-10-25 21:44:50
Note that Passport does not actively use the access token or refresh token, other than to fetch the user profile during login. You're application is responsible for using these tokens when making whatever API requests are necessary. As such, you can implement either method you describe, Passport is not involved in the process.
See also: https://github.com/jaredhanson/passport-google-oauth/issues/23
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.