我已经找到了一种使用ng-gapi生成访问令牌的方法,但是有一种方法可以获取刷新令牌,因为访问令牌仅在一个小时内有效。
您找到此问题的解决方案了吗?我也有类似的问题。根据Using OAuth 2.0 for Web Server Applications (Step 5)文章,我们可以使用参数中的授权代码从对[https://oauth2.googleapis.com/token端点的请求响应中获取刷新令牌。我使用GoogleAuth对象的grantOfflineAccess()方法获得了此授权代码,该方法使用此代码返回一个Promise。我不确定此解决方案是否足够正确,但是对我来说效果很好。这里有一些方法,希望对您有帮助。
private tokenRequestParams: TokenReqParams = {
client_id: AuthService.CLIENT_ID_KEY,
client_secret: AuthService.CLIENT_SECRET_KEY,
redirect_uri: 'http://localhost:4200',
grant_type: 'authorization_code'
};
/**
* if a user was logged the method returns user info, if not - checks that if refresh token has been stored
* and accordingly to this uses different methods for user sing-in
* @returns - the data of the authorized user
*/
public login(): Observable<User> {
const isUserLoggedIn = this.refreshToken && this.accessToken;
if (isUserLoggedIn) {
return this.getUserInfo();
} else {
return this.googleAuthService.getAuth().pipe(
switchMap( auth => {
return (!this.refreshToken) ? this.firstSignIn(auth) : this.signIn(auth);
})
);
}
}
/**
* The method makes sign-in action and return's data of the user who was authorized
* method will be used when grants were allowed after first sign in
* @params auth - GoogleAuth object
* @returns - user data
*/
private firstSignIn(auth: GoogleAuth): Observable<User> {
return from(auth.grantOfflineAccess()).pipe(
switchMap(code => this.fetchToken({code: code.code}).pipe(
map(() => this.signInSuccessHandler(auth.currentUser.get()))
))
);
}
/**
* The method makes sign-in action and return's data of the user who was authorized
* method will be used when grants were allowed after first sign in
* @params auth - GoogleAuth object
* @returns - user data
*/
private signIn(auth: GoogleAuth): Observable<User> {
return from(
auth.signIn().then(
(res: GoogleUser) => this.signInSuccessHandler(res),
err => { throw Error(err); }
)).pipe(
map((user: User) => user),
catchError(() => throwError('login failed'))
);
}
/**
* The method fetches access token or both tokens (access and refresh) depending of received options
* and stores them to local and session storage's
* @params params - object, that determine which grant of token gets
* details: https://developers.google.com/identity/protocols/oauth2/web-server#creatingclient
* @returns - object with token data
*/
private fetchToken(params: TokenAccessParams | TokenRefreshParams): Observable<Token> {
const requestParams = {
...this.tokenRequestParams,
...params
};
return this.httpClient.post(this.TOKEN_ENDPOINT, requestParams).pipe(
tap((res: Token) => {
const {access_token, refresh_token} = res;
sessionStorage.setItem(AuthService.SESSION_ST_ACCESS_TOKEN, access_token);
if (refresh_token) { localStorage.setItem(AuthService.LOCAL_ST_REFRESH_TOKEN, refresh_token); }
})
);
}
/**
* Method use current token to get new token
* @returns - New token
*/
private updateAccessToken(): Observable<any> {
return this.fetchToken({
refresh_token: this.refreshToken,
grant_type: 'refresh_token'
});
}