谷歌OAuth2刷新到期&;不续费
然而,我完全遵循了谷歌OAuth2刷新到期&;不续费,oauth,oauth-2.0,google-oauth,Oauth,Oauth 2.0,Google Oauth,然而,我完全遵循了 @app.route('/test') def test_api_request(): if 'credentials' not in flask.session: return flask.redirect('authorize') # Load credentials from the session. credentials = google.oauth2.credentials.Credentials( **flask.session
@app.route('/test')
def test_api_request():
if 'credentials' not in flask.session:
return flask.redirect('authorize')
# Load credentials from the session.
credentials = google.oauth2.credentials.Credentials(
**flask.session['credentials'])
drive = googleapiclient.discovery.build(
API_SERVICE_NAME, API_VERSION, credentials=credentials)
files = drive.files().list().execute()
# Save credentials back to session in case access token was refreshed.
# ACTION ITEM: In a production app, you likely want to save these
# credentials in a persistent database instead.
flask.session['credentials'] = credentials_to_dict(credentials)
return flask.jsonify(**files)
但在本部分中:
credentials = google.oauth2.credentials.Credentials(
**flask.session['credentials'])
刷新令牌在一小时后过期,出现以下错误:
The credentials do not contain the necessary fields need to refresh the access token. You must specify refresh_token, token_uri, client_id, and client_secret.
但很明显,在烧瓶会话中,dict对象存在:
{'client_id': '<COMMENTED_OUT>.apps.googleusercontent.com',
'client_secret': '<COMMENTED_OUT>',
'refresh_token': None,
'scopes': ['https://spreadsheets.google.com/feeds',
'https://www.googleapis.com/auth/drive',
'https://mail.google.com/'],
'token': '<COMMENTED_OUT>',
'token_uri': 'https://oauth2.googleapis.com/token'}
{'client_id':'.apps.googleusercontent.com',
“客户机密”:“,
“刷新令牌”:无,
'范围':['https://spreadsheets.google.com/feeds',
'https://www.googleapis.com/auth/drive',
'https://mail.google.com/'],
“令牌”:“,
“token_uri”:”https://oauth2.googleapis.com/token'}
我相信谷歌教程会自动刷新令牌
两个问题
1) 我是否需要手动“刷新”刷新令牌?教程中的注释是“将凭据保存回会话,以防刷新访问令牌”。。这意味着它会自动刷新
2) 这是因为应用程序仍处于未验证状态吗?查看dict时,缺少刷新令牌:
'refresh_token': None,
您需要此令牌,以便在访问令牌过期后刷新它。只有当用户看到同意屏幕(列出所请求的范围的屏幕)时,才会在JSON响应中提供刷新令牌。如果用户之前已批准访问,并且作用域没有更改,那么如果用户被发送回流中,OAuth流将跳过该屏幕,因此不会返回刷新令牌
可能发生的情况是,在测试期间,您只批准了一次访问,但没有正确存储刷新令牌。进一步尝试批准访问没有返回刷新令牌,因此您无法刷新访问令牌
要确保始终返回刷新令牌,请在授权URL中设置URL参数prompt=approve
:
authorization_url, state = flow.authorization_url(
access_type='offline',
include_granted_scopes='true'
prompt='consent')
(记录在“HTTP/REST”选项卡中)
或者,取消对应用程序的访问。下次通过OAuth流时,您应该再次看到同意屏幕,并获得一个新的刷新令牌