因此,我使用Google Oauth流設置使用googleapis
庫,並且在使用oauthClient.getToken(code, ..)
之後,我似乎沒有看到refresh_token
。它只返回access_token
和id_token
。使用googleapis lib獲取refresh_token
下面是從代碼我的結果:
{
access_token: "...",
expiry_date: 1475080667529,
id_token: "...",
token_type: "Bearer"
}
這裏是我的代碼:
function getOauth() {
var oauthClient = new google.auth.OAuth2(
config.googleOauth.id,
config.googleOauth.secret,
`${config.https ? 'https' : 'http'}://${config.baseUrl}/google`
);
return Bluebird.promisifyAll(oauthClient);
}
/**
* Initialize session based of the auth code, which
* gives us the accessToken and the payload.
*
* Returns a session with the user tokenized and
* the accessToken for use to restore on page refresh.
*/
router.get('/initial', function * (req, res) {
try {
let oauth = getOauth();
let code = req.query.authorizationCode;
let results = yield oauth.getTokenAsync(code);
let tokens = results[0];
let result = yield oauth.verifyIdTokenAsync(tokens.id_token, config.googleOauth.id);
let payload = result.getPayload();
let user = yield User.findOneByEmail(payload.email, req.communityConfig);
let data = { user };
if (user.role) {
let role = yield Role.findOne(user.role, req.communityConfig);
data.roles = [role];
}
let token = auth.createToken(data);
res.json(extend({}, req.query, { token, accessToken: tokens.id_token }));
} catch(error) {
console.log(error.message);
throw new StatusError(401, error);
}
});
/**
* Use the google provider's fetch method to restore the session
* data using the accessToken.
*
* Returns a token created from the user and role, along with
* all of the query props passed in.
*/
router.get('/restore', function * (req, res) {
try {
let oauth = getOauth();
oauth.setCredentials({
access_token: req.query.accessToken
});
let tokens = yield oauth.getAccessTokenAsync();
let result = yield oauth.verifyIdTokenAsync(tokens[0], config.googleOauth.id);
let payload = result.getPayload();
let user = yield User.findOneByEmail(payload.email, req.communityConfig);
let data = { user };
if (user.role) {
let role = yield Role.findOne(user.role, req.communityConfig);
data.roles = [role];
}
let token = auth.createToken(data);
res.json(extend({}, req.query, { token }));
} catch(error) {
console.log(error.message);
throw new StatusError(401, error);
}
});
所以一切正常,在初始和刷新,但access_token
到期後,不再進行身份驗證。
令牌使用爲時已晚,1475070618.739> 1475005777
我heared,我必須指定access_type
到'offline'
,但我甚至不知道在哪裏設置,在我的情況,我認爲這是對像背景同步。除此之外,它很難測試,因爲它需要大約一天的時間過期..