我使用以下代码在Android应用中使用Google OAuth2登录:
在我的登录活动onCreate方法中,我有:
googleSignInOptions = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestScopes(new Scope(Scopes.PLUS_LOGIN))
//requestIdToken takes the google cloud console's project's WEB (not Android) openID client ID.
.requestIdToken("my client id")
.requestEmail()
.build();
SignInButton signInButton = (SignInButton) oAuth.findViewById(R.id.sign_in_button);
signInButton.setSize(SignInButton.SIZE_WIDE);
signInButton.setScopes(googleSignInOptions.getScopeArray());
googleApiClient = new GoogleApiClient.Builder(oAuth)
.enableAutoManage(oAuth, new GoogleApiClient.OnConnectionFailedListener() {
@Override
public void onConnectionFailed(@NonNull ConnectionResult connectionResult) {
Log.d("GoogleOAuth", "Connection failed\n" + connectionResult.getErrorMessage() );
Toast.makeText(context, "Failed to connect to Google", Toast.LENGTH_LONG).show();
}
})
.addApi(Auth.GOOGLE_SIGN_IN_API, googleSignInOptions)
.build();
我将onClick监听器注册到登录按钮,该按钮调用:
Intent signInIntent = Auth.GoogleSignInApi.getSignInIntent(googleApiClient);
activity.startActivityForResult(signInIntent, GOOGLE_SIGN_IN);
我得到了活动结果:
public void onActivityResult(OAuth oAuth, Context context, int requestCode, int resultCode, Intent data) {
// Result returned from launching the Intent from GoogleSignInApi.getSignInIntent(...);
if (requestCode == GOOGLE_SIGN_IN) {
GoogleSignInResult result = Auth.GoogleSignInApi.getSignInResultFromIntent(data);
if (result.isSuccess()) {
GoogleSignInAccount account = result.getSignInAccount();
String idToken = account.getIdToken(); //this has a value
Map<String, String> logins = new HashMap<String, String>();
logins.put("accounts.google.com", token);
AWSCommunicator.setLogins(oAuth, logins, account);
credentialsProvider.setLogins(logins);
}
else {
Toast.makeText(context, "failed to login" + result.getStatus().toString(), Toast.LENGTH_LONG).show();
}
} else {
Log.d("GoogleAuth", "Bad requestCode: " + requestCode);
}
}
现在一切都很好,一切似乎都很好。这是我看到的一些日志。
D/CognitoCachingCredentialsProvider: Identity id is changed
D/CognitoCachingCredentialsProvider: Saving identity id to SharedPreferences
D/CognitoCachingCredentialsProvider: Clearing credentials from SharedPreferences
D/CognitoCachingCredentialsProvider: Saving credentials to SharedPreferences
D/CognitoCachingCredentialsProvider: Saving identity id to SharedPreferences
一切都很好。我已经过身份验证,我可以对我的API网关端点进行经过身份验证的调用(使用AWS Api Gateway自动生成的SDK)。
现在一小时后,我尝试拨打电话并且该令牌已过期。我如何获得新令牌?然后如何刷新Cognito?
答案 0 :(得分:1)
您应该能够从Google提供的刷新令牌中获取谷歌的新Id令牌。这个文档可能会有所帮助。 https://developers.google.com/api-client-library/java/google-api-java-client/oauth2
要刷新Cognito凭据,您只需要使用IdP中的最新令牌(在本例中为Google Oauth)使credentialsProvider保持最新。凭证到期后,如果CognitoCachingCredentialsProvider具有最新的令牌,它将自动刷新。