使用oauth2.0使用ruby刷新回调访问框中的令牌

我不熟悉Box Api和ruby。我正在尝试刷新令牌，但我不确定下面代码中的令牌\刷新\回调是什么

client = Boxr::Client.new('zX3UjFwNerOy5PSWc2WI8aJgMHtAjs8T',
                      refresh_token: 'dvfzfCQoIcRi7r4Yeuar7mZnaghGWexXlX89sBaRy1hS9e5wFroVVOEM6bs0DwPQ',
                      client_id: 'kplh54vfeagt6jmi4kddg4xdswwvrw8y',
                      client_secret: 'sOsm9ZZ8L8svwrn9FsdulLQVwDizKueU',
                      &token_refresh_callback)

此外，一旦我的访问令牌过期，该方法是否会撤销该令牌？

---

谢谢你的帮助

使用访问和刷新令牌 access\u令牌是进行API请求所需的实际字符串。每个access\u令牌的有效期为1小时。为了获得新的有效令牌，您可以使用附带的refresh\u令牌。每个refresh\u令牌的有效期为60天一次。每次使用refresh\u令牌获得新的access\u令牌时， 我们为您重置60天的计时器，并为您提供一个新的刷新令牌。 这意味着，只要用户每60天使用一次应用程序，他们的登录就永远有效

收件箱\u api\u controller.rb文件

def make_request
    #Check access token expire or not.
    check_access_token_expire = check_access_token_expire_dt
  if check_access_token_expire.split("-")[0] == "access_token"
    #Create client by passing Token
    @box_client = Boxr::Client.new(check_access_token_expire.split("-")[1])
    cookies[:token] = check_access_token_expire.split("-")[1]
  else
    if check_access_token_expire.split("-")[0] == "refresh_token"
        #Call method
        create_post_req_url("refresh_token","refresh_token",check_access_token_expire.split("-")[1])
    else
        # kick off authorization flow
        parameters = "response_type=code&client_id=<your client id>&redirect_uri=<your application url>/handle_user_decision/&state=security_token"
        url = "https://account.box.com/api/oauth2/authorize?#{parameters}"
        redirect_to url
    end
end 
end

创建帖子Url

def create_post_req_url(grant_type,header, code)
    #Set oauth2 url
    uri = URI.parse("https://api.box.com//oauth2//token")
    #Passing parameter
    data = "grant_type=#{grant_type}&#{header}=#{code}&client_id=<your client id>&client_secret=<your client secret key>"
    #Set header
    headers = {"Content-Type" => "application/x-www-form-urlencoded"}
    #Get http request
    http = Net::HTTP.new(uri.host,uri.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    #Do post the URL
    response = http.post(uri.path,data.to_s,headers)
    #Check response
    if response.code != "200"
        flash[:alert] ="：#{response.code}  #{JSON.parse(response.body)}"
    else
        #flash[:alert] ="#{response.body.to_json}"
        parsed = JSON.parse(response.body) # returns a hash
        token = parsed["access_token"]
        cookies[:token] = nil
        cookies[:token] = token      
        if grant_type == "authorization_code"
            #Insert BOX access token details
            user = "<your drive user name>"
            insert_access_token(user, token, parsed["refresh_token"], Time.now)
        else
            if grant_type == "refresh_token"
                #Update BOX access token 
                updt_access_token(user, token, code, parsed["refresh_token"], Time.now)
            end  
        end
        redirect_to box_api_index_path
    end
end

在index.html.erb中

<%= form_tag(:controller => "box_api", :action => 'make_request') do |f| %>
<div class="form-group"><%= submit_tag("Box Login", class: "btn btn-primary") %></div><% end %>

“box_api”，：action=>“make_request”）do | f |%>

我只想请求一个访问令牌，然后在它过期后使用刷新令牌和循环刷新它。你认为我可以怎么做？

我最近也实现了同样的功能。使用下面的代码片段。

def check_access_token_expire_dt
    @access_token_time = BoxApiAccessToken.getaccesstokentime
    if !@access_token_time.blank?
        @access_token_time.each do |token_details |
            if token_details.access_token_dt != nil
                if token_details.new_access_token_dt.to_datetime.new_offset(Rational(9, 24)).strftime('%Y/%m/%d %H:%M') < Time.now.to_datetime.new_offset(Rational(9, 24)).strftime('%Y/%m/%d %H:%M')
                    check_access_token_expire_dt = "refresh_token-#{token_details.refresh_access_token}"
                    return check_access_token_expire_dt
                else
                    check_access_token_expire_dt = "access_token-#{token_details.access_token}"
                    return check_access_token_expire_dt
                end
            else
                check_access_token_expire_dt = "new_token-req_new_token"
                return check_access_token_expire_dt
            end
        end
    else
        check_access_token_expire_dt = "new_token-req_new_token"
        return check_access_token_expire_dt
    end
end

def insert_access_token(user,access_token,refresh_access_token,access_token_dt)
    @box_access_token = BoxApiAccessToken.new(
            :user => user,
            :access_token => access_token,
            :refresh_access_token => refresh_access_token,
            :access_token_dt => access_token_dt)

            #Save User Device Data
            @box_access_token.save
end

#Update access_token,refresh_access_token,access_token_dt details in DB


 def updt_access_token(user,access_token, refresh_access_token,new_refresh_access_token,access_token_dt)
    #@box_access_token_updt = BoxApiAccessToken.find_refresh_access_token(refresh_access_token)
    @box_access_token_updt = BoxApiAccessToken.find_by_refresh_access_token(refresh_access_token)
    attributes = {:access_token => access_token,:access_token_dt => access_token_dt, :refresh_access_token => new_refresh_access_token, :updated_at => access_token_dt}
    #Update the object
    @box_access_token_updt.update_attributes(attributes)
end

<%= form_tag(:controller => "box_api", :action => 'make_request') do |f| %>
<div class="form-group"><%= submit_tag("Box Login", class: "btn btn-primary") %></div><% end %>