Google OAuth2 refresh expires & does not renew


However, I followed exactly

@app.route('/test')
def test_api_request():
  if 'credentials' not in flask.session:
    return flask.redirect('authorize')

  # Load credentials from the session.
  credentials = google.oauth2.credentials.Credentials(
      **flask.session['credentials'])

  drive = googleapiclient.discovery.build(
      API_SERVICE_NAME, API_VERSION, credentials=credentials)

  files = drive.files().list().execute()

  # Save credentials back to session in case access token was refreshed.
  # ACTION ITEM: In a production app, you likely want to save these
  #              credentials in a persistent database instead.
  flask.session['credentials'] = credentials_to_dict(credentials)

  return flask.jsonify(**files)
But in this part:

  credentials = google.oauth2.credentials.Credentials(
      **flask.session['credentials'])
the refresh token expires after an hour, with the following error:

The credentials do not contain the necessary fields need to refresh the access token. You must specify refresh_token, token_uri, client_id, and client_secret.
But clearly, the dict object is present in the Flask session:

{'client_id': '<COMMENTED_OUT>.apps.googleusercontent.com',
 'client_secret': '<COMMENTED_OUT>',
 'refresh_token': None,
 'scopes': ['https://spreadsheets.google.com/feeds',
            'https://www.googleapis.com/auth/drive',
            'https://mail.google.com/'],
 'token': '<COMMENTED_OUT>',
 'token_uri': 'https://oauth2.googleapis.com/token'}
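I believe the Google tutorial refreshes the token automatically.

Two questions:

1) Do I need to manually "refresh" the refresh token? The comment in the tutorial says "Save credentials back to session in case access token was refreshed", which implies that it is refreshed automatically.

2) Is this because the application is still in an unverified state?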

Looking at the dict, the refresh token is missing:

'refresh_token': None,
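You need this token in order to refresh the access token after it expires. The refresh token is only provided in the JSON response if the user saw the consent screen (the screen that lists the requested scopes). If the user has previously approved access and the scopes have not changed, the OAuth flow skips that screen when the user is sent back through the flow, so no refresh token is returned.

What probably happened is that during testing you approved access once but did not store the refresh token correctly. Further attempts to approve access did not return a refresh token, so you cannot refresh the access token.

To ensure that a refresh token is always returned, set this URL parameter in the authorization URL: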
prompt=approve

authorization_url, state = flow.authorization_url(
    access_type='offline',
    include_granted_scopes='true',
    prompt='consent')
(documented in the "HTTP/REST" tab)

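Alternatively, revoke the application's access. The next time you go through the OAuth flow, you should see the consent screen again and get a new refresh token.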
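
An added example, not part of the original answer or of Google's tutorial: when the consent screen is skipped, the new token response carries `refresh_token: None`, so saving it as-is erases a refresh token stored earlier. The code works on plain dicts shaped like the session dict above; the helper names and sample values are assumptions constructed for illustration.

```python
# Added example: plain-dict helpers; names and sample values are assumptions.
REFRESH_FIELDS = ("refresh_token", "token_uri", "client_id", "client_secret")


def missing_refresh_fields(creds):
    """Fields required for a token refresh that are absent or empty."""
    return [f for f in REFRESH_FIELDS if not (creds or {}).get(f)]


def merge_credentials(stored, fresh):
    """Merge a new token response into the stored record.

    A refresh_token of None (consent screen skipped) must not overwrite
    a refresh token that is already on file.
    """
    merged = dict(stored or {})
    for key, value in fresh.items():
        if key == "refresh_token" and not value:
            continue  # keep whatever was stored earlier
        merged[key] = value
    return merged


def authorization_kwargs(stored):
    """Keyword arguments for flow.authorization_url(); force the consent
    screen only when no usable refresh token is stored."""
    kwargs = {"access_type": "offline", "include_granted_scopes": "true"}
    if "refresh_token" in missing_refresh_fields(stored):
        kwargs["prompt"] = "consent"
    return kwargs


# Constructed sample records with placeholder values (not real credentials).
FIRST_GRANT = {
    "token": "access-1",
    "refresh_token": "refresh-1",
    "token_uri": "https://oauth2.googleapis.com/token",
    "client_id": "example.apps.googleusercontent.com",
    "client_secret": "placeholder-secret",
    "scopes": ["https://www.googleapis.com/auth/drive"],
}
REPEAT_GRANT = dict(FIRST_GRANT, token="access-2", refresh_token=None)

if __name__ == "__main__":
    print(missing_refresh_fields(REPEAT_GRANT))      # the field the error names
    merged = merge_credentials(FIRST_GRANT, REPEAT_GRANT)
    print(merged["token"], merged["refresh_token"])  # new access token, old refresh token
    print(authorization_kwargs(REPEAT_GRANT))        # consent screen is forced
```

Keep the merged record in a server-side store rather than in the Flask session: the default Flask session is a signed but unencrypted cookie, so the client secret and tokens placed in it are readable by whoever holds the cookie.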