Credentials对象什么时候失效?

时间:2016-11-14 05:40:28

标签: python google-drive-api google-oauth google-api-python-client

我正在使用基于https://developers.google.com/drive/v3/web/quickstart/python的Python脚本,它运行正常。我可以将简单的文本文件上传到我的云端硬盘帐户。

该页面上的代码如下:

# If modifying these scopes, delete your previously saved credentials
# at ~/.credentials/drive-python-quickstart.json
SCOPES = 'https://www.googleapis.com/auth/drive.metadata.readonly'
CLIENT_SECRET_FILE = 'client_secret.json'
APPLICATION_NAME = 'Drive API Python Quickstart'


def get_credentials():
    """Gets valid user credentials from storage.

    If nothing has been stored, or if the stored credentials are invalid,
    the OAuth2 flow is completed to obtain the new credentials.

    Returns:
        Credentials, the obtained credential.
    """
    home_dir = os.path.expanduser('~')
    credential_dir = os.path.join(home_dir, '.credentials')
    if not os.path.exists(credential_dir):
        os.makedirs(credential_dir)
    credential_path = os.path.join(credential_dir,
                                   'drive-python-quickstart.json')

    store = Storage(credential_path)
    credentials = store.get()
    if not credentials or credentials.invalid:
        flow = client.flow_from_clientsecrets(CLIENT_SECRET_FILE, SCOPES)
        flow.user_agent = APPLICATION_NAME
        if flags:
            credentials = tools.run_flow(flow, store, flags)
        else: # Needed only for compatibility with Python 2.6
            credentials = tools.run(flow, store)
        print('Storing credentials to ' + credential_path)
    return credentials

假设脚本执行一次,导致'drive-python-quickstart.json'文件被保存为类似的东西(当然X代替敏感信息):

{"_module": "oauth2client.client",
 "scopes": ["https://www.googleapis.com/auth/drive.file"],
 "token_expiry": "2016-11-13T07:15:15Z",
 "id_token": null,
 "access_token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
 "token_uri": "https://accounts.google.com/o/oauth2/token",
 "invalid": false,
 "token_response": {"access_token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
                    "token_type": "Bearer",
                    "expires_in": 3600,
                    "refresh_token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"},
 "client_id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX.apps.googleusercontent.com",
 "token_info_uri": "https://www.googleapis.com/oauth2/v3/tokeninfo",
 "client_secret": "XXXXXXXXXXXXXXXXXXXXXXXX",
 "revoke_uri": "https://accounts.google.com/o/oauth2/revoke",
 "_class": "OAuth2Credentials",
 "refresh_token": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
 "user_agent": null}

让我们假设'drive-python-quickstart.json'文件始终存在并且可读写。假设一些时间过去了,并且该脚本在该JSON值中的“token_expiry”键给出的时间之后的某个时间再次执行。是否期望某些东西检测到Credentials对象上的时间已过期,强制凭证对象切换到无效状态,这意味着credentials.invalid然后变为True?或者是否存在“refresh_token”字段意味着API中的某些内容会自动更新'drive-python-quickstart.json'文件,使credentials.invalid始终返回True?

1 个答案:

答案 0 :(得分:1)

只要您的刷新令牌良好,Google python客户端库就会根据需要刷新访问令牌。为清楚起见,客户端库用于访问API。 API无法控制您的身份验证。它希望您或者更确切地说是客户端库向其发送所需的信息,以使其工作。

热门提示:未使用六个月的刷新令牌也将过期,因此我建议您至少每六个月运行一次脚本。

相关问题
最新问题