所以我有一个应用程序需要使用OAuth2从谷歌访问数据。我有方法刷新存储的数据并将新帐户添加到应用程序中。我一直在测试使用两个帐户。我在使用一个帐户登录时没有问题,使用该帐户刷新就可以了(首先)。我同时签署我的第二个帐户并同时刷新这两组数据没有问题。然而,经过长时间的缺席后,我回来尝试刷新一个或两个帐户,然后崩溃。从我的日志中我推断出令牌不再有任何好处,并且服务器已停止向我提供任何数据。每次发送请求时,我首先使用我的刷新令牌刷新访问令牌,这些令牌保存在手机内存中。
Q1:我是否正确评估了问题,即我的令牌是否有问题?
Q2:刷新令牌会在一段时间后过期吗?
如果是的话Q3:我该怎么做才能解决这个问题?
以下是我的代码的一部分,从令牌刷新到数据请求:
NSString *post = [NSString stringWithFormat:@"client_id=%@&client_secret=%@&refresh_token=%@&grant_type=refresh_token", mAuth.clientID, mAuth.clientSecret, [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]];
NSLog(@"AT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]);
NSLog(@"TT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"token_type %i", i]]);
NSLog(@"ET - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"expires_in %i", i]]);
NSLog(@"RT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]);
NSLog(@"%@", post);
NSMutableData *postData = [NSMutableData data];
[postData appendData:[post dataUsingEncoding:NSASCIIStringEncoding]];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc]init];
[request setURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://accounts.google.com/o/oauth2/token"]]];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];
NSURLResponse *response;
NSError *error;
NSData *connection = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];
NSString *tokenString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
NSLog(@"%@", tokenString);
[self complexParseFromString:tokenString forInt:i];
NSLog(@"AT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]);
NSLog(@"TT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"token_type %i", i]]);
NSLog(@"ET - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"expires_in %i", i]]);
NSLog(@"RT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]);
NSMutableURLRequest *GETRequest = [[NSMutableURLRequest alloc]initWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://www.googleapis.com/youtube/v3/channels?part=contentDetails&mine=true"]]];
[GETRequest setHTTPMethod:@"GET"];
[GETRequest setValue:@"www.googleapis.com" forHTTPHeaderField:@"Host"];
[GETRequest setValue:[NSString stringWithFormat:@"Bearer %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]] forHTTPHeaderField:@"Authorization"];
connection = [NSURLConnection sendSynchronousRequest:GETRequest returningResponse:&response error:&error];
responderString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
arrayChannel = [[NSMutableArray alloc]initWithArray:[self simpleParseFromString:responderString]];
GETRequest = [[NSMutableURLRequest alloc]initWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://www.googleapis.com/youtube/v3/playlistItems?part=contentDetails&playlistId=%@", [arrayChannel objectAtIndex:[arrayChannel indexOfObject:@"uploads"] + 1]]]];
[GETRequest setHTTPMethod:@"GET"];
[GETRequest setValue:@"www.googleapis.com" forHTTPHeaderField:@"Host"];
[GETRequest setValue:[NSString stringWithFormat:@"Bearer %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]] forHTTPHeaderField:@"Authorization"];
connection = [NSURLConnection sendSynchronousRequest:GETRequest returningResponse:&response error:&error];
responderString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
答案 0 :(得分:0)
每https://developers.google.com/accounts/docs/OAuth2ForDevices
"访问令牌的有限生命期。如果您的应用程序需要长时间访问API,则可以使用刷新令牌获取新的访问令牌(请参阅使用刷新令牌)。如果您的应用程序需要此类访问权限,则应存储刷新令牌以供以后使用。"
注意:对于Google,刷新令牌不会过期。但是,我也看到oauth提供程序也会使刷新令牌失效。 AFAIK规范没有规定。