0

因此,我使用Google Oauth流設置使用googleapis庫,並且在使用oauthClient.getToken(code, ..)之後,我似乎沒有看到refresh_token。它只返回access_tokenid_token使用googleapis lib獲取refresh_token

下面是從代碼我的結果:

{ 
    access_token: "...", 
    expiry_date: 1475080667529, 
    id_token: "...", 
    token_type: "Bearer" 
} 

這裏是我的代碼:

function getOauth() { 
    var oauthClient = new google.auth.OAuth2(
    config.googleOauth.id, 
    config.googleOauth.secret, 
    `${config.https ? 'https' : 'http'}://${config.baseUrl}/google` 
); 
    return Bluebird.promisifyAll(oauthClient); 
} 

/** 
* Initialize session based of the auth code, which 
* gives us the accessToken and the payload. 
* 
* Returns a session with the user tokenized and 
* the accessToken for use to restore on page refresh. 
*/ 
router.get('/initial', function * (req, res) { 
    try { 
    let oauth = getOauth(); 
    let code = req.query.authorizationCode; 
    let results = yield oauth.getTokenAsync(code); 
    let tokens = results[0]; 
    let result = yield oauth.verifyIdTokenAsync(tokens.id_token, config.googleOauth.id); 
    let payload = result.getPayload(); 
    let user = yield User.findOneByEmail(payload.email, req.communityConfig); 
    let data = { user }; 

    if (user.role) { 
     let role = yield Role.findOne(user.role, req.communityConfig); 
     data.roles = [role]; 
    } 

    let token = auth.createToken(data); 

    res.json(extend({}, req.query, { token, accessToken: tokens.id_token })); 
    } catch(error) { 
    console.log(error.message); 
    throw new StatusError(401, error); 
    } 
}); 

/** 
* Use the google provider's fetch method to restore the session 
* data using the accessToken. 
* 
* Returns a token created from the user and role, along with 
* all of the query props passed in. 
*/ 
router.get('/restore', function * (req, res) { 
    try { 
    let oauth = getOauth(); 

    oauth.setCredentials({ 
     access_token: req.query.accessToken 
    }); 

    let tokens = yield oauth.getAccessTokenAsync(); 
    let result = yield oauth.verifyIdTokenAsync(tokens[0], config.googleOauth.id); 
    let payload = result.getPayload(); 
    let user = yield User.findOneByEmail(payload.email, req.communityConfig); 
    let data = { user }; 

    if (user.role) { 
     let role = yield Role.findOne(user.role, req.communityConfig); 
     data.roles = [role]; 
    } 

    let token = auth.createToken(data); 

    res.json(extend({}, req.query, { token })); 
    } catch(error) { 
    console.log(error.message); 
    throw new StatusError(401, error); 
    } 
}); 

所以一切正常,在初始和刷新,但access_token到期後,不再進行身份驗證。

令牌使用爲時已晚,1475070618.739> 1475005777

我heared,我必須指定access_type'offline',但我甚至不知道在哪裏設置,在我的情況,我認爲這是對像背景同步。除此之外,它很難測試,因爲它需要大約一天的時間過期..

回答

0

哇,這裏的另一個問題在SO幫助解決我的問題。

access_type選項是FRONTEND選項。所以在我的情況下它位於這裏:https://github.com/Vestorly/torii/blob/master/addon/providers/google-oauth2.js ,我將我的地址設置爲'offline'

撤銷用戶的訪問權限(此處爲https://security.google.com/settings/security/permissions)並重新同意後,返回refresh_token

此評論Not receiving Google OAuth refresh token由zack-morris確實幫助。

相關問題