【发布时间】:2016-09-29 00:25:26
【问题描述】:
所以我使用 googleapis lib 设置了 Google Oauth 流,但在使用 oauthClient.getToken(code, ..) 后,我似乎没有使用 refresh_token。它只返回access_token 和id_token。
这是我的代码结果:
{
access_token: "...",
expiry_date: 1475080667529,
id_token: "...",
token_type: "Bearer"
}
这是我的代码:
function getOauth() {
var oauthClient = new google.auth.OAuth2(
config.googleOauth.id,
config.googleOauth.secret,
`${config.https ? 'https' : 'http'}://${config.baseUrl}/google`
);
return Bluebird.promisifyAll(oauthClient);
}
/**
* Initialize session based of the auth code, which
* gives us the accessToken and the payload.
*
* Returns a session with the user tokenized and
* the accessToken for use to restore on page refresh.
*/
router.get('/initial', function * (req, res) {
try {
let oauth = getOauth();
let code = req.query.authorizationCode;
let results = yield oauth.getTokenAsync(code);
let tokens = results[0];
let result = yield oauth.verifyIdTokenAsync(tokens.id_token, config.googleOauth.id);
let payload = result.getPayload();
let user = yield User.findOneByEmail(payload.email, req.communityConfig);
let data = { user };
if (user.role) {
let role = yield Role.findOne(user.role, req.communityConfig);
data.roles = [role];
}
let token = auth.createToken(data);
res.json(extend({}, req.query, { token, accessToken: tokens.id_token }));
} catch(error) {
console.log(error.message);
throw new StatusError(401, error);
}
});
/**
* Use the google provider's fetch method to restore the session
* data using the accessToken.
*
* Returns a token created from the user and role, along with
* all of the query props passed in.
*/
router.get('/restore', function * (req, res) {
try {
let oauth = getOauth();
oauth.setCredentials({
access_token: req.query.accessToken
});
let tokens = yield oauth.getAccessTokenAsync();
let result = yield oauth.verifyIdTokenAsync(tokens[0], config.googleOauth.id);
let payload = result.getPayload();
let user = yield User.findOneByEmail(payload.email, req.communityConfig);
let data = { user };
if (user.role) {
let role = yield Role.findOne(user.role, req.communityConfig);
data.roles = [role];
}
let token = auth.createToken(data);
res.json(extend({}, req.query, { token }));
} catch(error) {
console.log(error.message);
throw new StatusError(401, error);
}
});
所以一切正常,在初始和刷新时,但在 access_token 过期后,它不再进行身份验证。
令牌使用太晚,1475070618.739 > 1475005777
我听说我必须将access_type 指定为'offline',但我什至不知道在哪里设置它,我认为这是为了后台同步之类的。除其他外,它很难测试,因为它需要大约一天才能过期..
【问题讨论】:
标签: node.js ember.js google-oauth ember-simple-auth google-api-nodejs-client