我正在使用Xero OAuth2.0 API,令牌过期后,我正在刷新令牌。 Xero Documentation 我将令牌存储在JSON文件中,以便下次可以检索。
Errrr回应:
{
"error": "invalid_grant"
}
请参考下面我使用的代码
public function getAccessToken($code = null) {
if(file_exists($this->tokenPath) && isset($code)) {
$accessToken = $this->getAccessTokenFromAuthCode($code);
} else if (file_exists($this->tokenPath)) {
$accessToken = $this->getAccessTokenFromJSON();
try {
if (time() > $accessToken->expires) {
$accessToken = $this->provider->getAccessToken('refresh_token', [
'refresh_token' => $accessToken->refresh_token
]);
}
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
//header('Location: ' . $this->getAuthorizationUrl());
}
} else if(isset($code)){
$accessToken = $this->getAccessTokenFromAuthCode($code);
} else {
header('Location: ' . $this->getAuthorizationUrl());
}
return $accessToken;
}
public function getAccessTokenFromAuthCode($code) {
return $this->storeAccessTokenToJSON($this->provider->getAccessToken('authorization_code', ['code' => $code]));
}
public function getAccessTokenFromJSON(){
return json_decode(file_get_contents($this->tokenPath));
}
public function storeAccessTokenToJSON($accessToken){
file_put_contents($this->tokenPath, json_encode($accessToken));
return json_decode(file_get_contents($this->tokenPath));
}
答案 0 :(得分:2)
访问令牌的有效期为30 minutes
。并且未使用的刷新令牌会在60 days.
之后过期。如果您在60天内不刷新访问令牌,则用户需要重新授权您的应用。
new refresh token
和 新访问令牌 > $curl = curl_init(); curl_setopt_array($curl, array( CURLOPT_URL => "https://identity.xero.com/connect/token?=", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 0, CURLOPT_FOLLOWLOCATION => true, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => array( 'XXXXXXXXXXXXX','client_secret' => 'YYYYYYYYYYYYYYYYYYYYYYYYYYYYY'), CURLOPT_HTTPHEADER => array( "grant_type: refresh_token", "Content-Type: application/json", ), )); $response = curl_exec($curl); curl_close($curl); echo $response;
答案 1 :(得分:-1)
Invalid_grant是刷新令牌过期时的标准错误响应代码。
公用令牌生存期类似于: *访问令牌= 60分钟 *刷新令牌= 8小时
刷新令牌过期后,您必须让用户再次登录。