Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
515 views
in Technique[技术] by (71.8m points)

php - Use OAuth Refresh Token to Obtain New Access Token - Google API

My app is simple, it connects to the Google+ API to authenticate the user, and if successful, it retrieves the user's email and then performs a series of operations on a given database based on the email retrieved.

My main issue is that every hour, my access token expires, and I seem not to know how to "refresh" it. I get the following error, which I imagine is expected:

The OAuth 2.0 access token has expired, and a refresh token is not available.

I am currently storing the access token on a database, and I can therefore retrieve if needed. My only question is how do I use that token to gain a new one?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Whoa, it took me significantly longer to figure this out, and the answers out there seemed quite incomplete to me.

Before we start please keep in mind that this answer assumes you are using the latest Google API PHP Library, as of May 26th of 2014.

1 - Make sure the access type your app requests is offline. A refresh_token is not provided otherwise. From Google: This field is only present if access_type=offline is included in the authorization code request.

$gClient->setAccessType('offline');

2 - Upon the first authorization, persist the provided refresh_token for further access. This can be done via cookies, database, etc. I chose to store in on a database:

$tokens = json_decode($gClient->getAccessToken()); /* Get a JSON object */
setRefreshToken($con, $tokens->refresh_token /* Retrieve form JSON object */);

3 - Check if the AccessToken has expired, and request a refreshed token from Google if such is the case.

if ($gClient->isAccessTokenExpired()) {    
  $refreshToken = getRefreshToken($con, $email); 
  $gClient->refreshToken($refreshToken);
}  

Where getRefreshToken is retrieving the previously stored refresh_token from our database, and then we pass that value to the Client's refreshToken method.

Quick Note: It's key to remember that if you had previously authorized your app, you probably won't see a refresh_token on the response, since it is only provided the first time we call authenticate. Therefore, you can either go to https://www.google.com/settings/security and Revoke Access to your app or you can add the following line when creating the Client object:

$gClient->setApprovalPrompt('force');

From Google: If the value is force, then the user sees a consent page even if they previously gave consent to your application for a given set of scopes. Which in turn ensures that a refresh_token is provided on each authorization.

Full Sample Here: http://pastebin.com/jA9sBNTk


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...