使用Google Drive Oauth 2.0管理访问令牌

时间:2014-04-15 12:38:13

标签: java oauth-2.0 google-drive-api google-api-java-client

我使用Google API Java客户端以Java方式管理Google App Engine对Google Drive API的访问。

我获得了一个用户访问令牌并刷新令牌并将其保存在我们的数据库中。虽然,我认为只有刷新令牌需要持久化。

如何管理访问令牌到期?你怎么看待这个策略:

  • 登录我的Web应用程序后,我从刷新令牌中获取了一个Access令牌,并将其存储在会话中。如何从存储在数据库中的刷新令牌创建Google凭据对象?

  • 当我访问云端硬盘操作时,如果过期,我会捕获401异常以重新创建访问令牌

我已阅读Credential and Credential Store,但似乎已被弃用。现在必须使用它:StoredCredential。有没有人使用这个新界面?

感谢。

1 个答案:

答案 0 :(得分:3)

如果您正在使用Drive API库,它将为您处理401例外,只要您为其提供具有访问权限和刷新令牌的凭据。

以下是如何使用Credential构建StoredCredential对象的方法。您可以使用与MemoryDataStoreFactory不同的实现:

public class ApiCredentialManager {
    private DataStore<StoredCredential> dataStore;

        //Put your scopes here
        public static String[] SCOPES_ARRAY = { "https://www.googleapis.com/auth/admin.directory.user" };

        private ApiCredentialManager() {

            try {
                dataStore = MemoryDataStoreFactory.getDefaultInstance().getDataStore("credentialDatastore");
            } catch (IOException e) {
                throw new RuntimeException("Unable to create in memory credential datastore", e);
            }
        }

        public static ApiCredentialManager getInstance() {
            if (instance == null)
                instance = new ApiCredentialManager();

            return instance;
        }

        public Credential getCredential(username) throws Exception {
            try {
                credential = new GoogleCredential.Builder()
                        .setTransport(new NetHttpTransport())
                        .setJsonFactory(new JacksonFactory())
                        .addRefreshListener(
                                new DataStoreCredentialRefreshListener(
                                        username, dataStore))
                        .build();

                if(dataStore.containsKey(username)){
                    StoredCredential storedCredential = dataStore.get(username);
                    credential.setAccessToken(storedCredential.getAccessToken());
                    credential.setRefreshToken(storedCredential.getRefreshToken());
                }else{
                    //Do something of your own here to obtain the access token.
                    //Most usually redirect the user to the OAuth page
                }

                return credential;
            } catch (GeneralSecurityException e) {
                throw new Exception("isuue while setting credentials", e);
            } catch (IOException e) {
                e.printStackTrace();
                throw new Exception("isuue while setting credentials", e);
            }
        }

        //Call this when you've obtained the access token and refresh token from Google
        public void saveCredential(username, Credential credential){
            StoredCredential storedCredential = new StoredCredential();
            storedCredential.setAccessToken(credential.getAccessToken());
            storedCredential.setRefreshToken(credential.getRefreshToken());
            datastore.set(username, storedCredential);
        }
}
相关问题
最新问题