获取空刷新令牌 [英] Getting null Refresh token
问题描述
我正在使用google-api-java-client版本1.8-beta进行oAuth2身份验证。一切正常,直到我得到GoogleTokenResponse对象,它具有访问令牌但没有刷新令牌。
构建请求url我使用以下方法:
...
googleAuthenticationUrl = new GoogleAuthorizationCodeRequestUrl (CLIENT_ID,callBackUrl,作用域).build();
...
在获取请求令牌时,我使用此访问令牌进行交换
$
GoogleTokenResponse tokenResponse =新的GoogleAuthorizationCodeTokenRequest(新的NetHttpTransport(),新的JacksonFactory(),CLIENT_ID ,CLIENT_SECRET,request.getParameter(CODE_URL_PARAM),callBackUrl).execute();
...
返回的GoogleTokenResponse对象不包含刷新标记:
{access_token:ya29.AH..etc ... 9-Y,expires_in:3600,token_type :持票人}
请您在这个问题上说清楚我的看法?感谢您的帮助!
在构建请求URL时,应设置访问类型:
$ b $
requestUrl = new GoogleAuthorizationCodeRequestUrl(googleClientId,callBackUrl,scopes).setAccessType(offline)。build();
如 page 设置此参数的建议:您明确地将access_type参数
设置为脱机,因为我们预计当联机值引入
时,它将作为默认行为。这可能会导致应用程序发生
的意外更改,因为它会影响您的应用程序允许刷新访问令牌的方式
。通过
显式设置参数值为脱机状态,可以避免应用程序功能发生任何
更改。 [...]
I'm using the google-api-java-client version 1.8-beta for oAuth2 authentication with Google accounts. Everything fine until I get the GoogleTokenResponse object, which has the access token but not refresh token. To build the request url I user the following method :
...
googleAuthenticationUrl = new GoogleAuthorizationCodeRequestUrl(CLIENT_ID, callBackUrl, scopes).build();
...
When getting the request token I exchange it with an access token in this line :
...
GoogleTokenResponse tokenResponse = new GoogleAuthorizationCodeTokenRequest(new NetHttpTransport(), new JacksonFactory(), CLIENT_ID, CLIENT_SECRET, request.getParameter(CODE_URL_PARAM), callBackUrl).execute();
...
The returned GoogleTokenResponse object does not contains the refresh token :
{"access_token":"ya29.AH..etc...9-Y","expires_in":3600,"token_type":"Bearer"}
Could you please shed my light on this issue ? Thank you very much for your help!
When building the request Url, you should set the Access Type :
requestUrl = new GoogleAuthorizationCodeRequestUrl(googleClientId, callBackUrl, scopes).setAccessType("offline").build();
As described in this page setting this parameter is recommended :
[...] We recommend that you explicitly set the access_type parameter to offline because we anticipate that when the online value is introduced, it will be as the default behavior. This could cause unexpected changes in your application since it would affect the way that your application is allowed to refresh access tokens. By explicitly setting the parameter value to offline, you can avoid any changes in your application's functionality. [...]
这篇关于获取空刷新令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
