Box中使用oauth2.0并使用ruby的令牌刷新回调访问令牌

问题描述 投票:0回答:2

我是Box Api和ruby的新手。我正在尝试刷新令牌,但不确定以下代码中的token_refresh_callback是什么

client = Boxr::Client.new('zX3UjFwNerOy5PSWc2WI8aJgMHtAjs8T',
                      refresh_token: 'dvfzfCQoIcRi7r4Yeuar7mZnaghGWexXlX89sBaRy1hS9e5wFroVVOEM6bs0DwPQ',
                      client_id: 'kplh54vfeagt6jmi4kddg4xdswwvrw8y',
                      client_secret: 'sOsm9ZZ8L8svwrn9FsdulLQVwDizKueU',
                      &token_refresh_callback)

而且,一旦我的访问令牌过期,此方法是否会撤消令牌?感谢您的帮助!

ruby box-api refresh-token
2个回答
0
投票
在box_api_controller.rb文件中

def make_request #Check access token expire or not. check_access_token_expire = check_access_token_expire_dt if check_access_token_expire.split("-")[0] == "access_token" #Create client by passing Token @box_client = Boxr::Client.new(check_access_token_expire.split("-")[1]) cookies[:token] = check_access_token_expire.split("-")[1] else if check_access_token_expire.split("-")[0] == "refresh_token" #Call method create_post_req_url("refresh_token","refresh_token",check_access_token_expire.split("-")[1]) else # kick off authorization flow parameters = "response_type=code&client_id=<your client id>&redirect_uri=<your application url>/handle_user_decision/&state=security_token" url = "https://account.box.com/api/oauth2/authorize?#{parameters}" redirect_to url end end end

在授权了客户端ID之后,获得响应代码

def handle_user_decision
  # kick off authorization flow
  #Get authorization code
  code_url = Rack::Utils.parse_query URI(request.original_url).query
  code = code_url["code"] 
  #Call method
  create_post_req_url("authorization_code","code", code) 
end

创建帖子网址
def create_post_req_url(grant_type,header, code)
    #Set oauth2 url
    uri = URI.parse("https://api.box.com//oauth2//token")
    #Passing parameter
    data = "grant_type=#{grant_type}&#{header}=#{code}&client_id=<your client id>&client_secret=<your client secret key>"
    #Set header
    headers = {"Content-Type" => "application/x-www-form-urlencoded"}
    #Get http request
    http = Net::HTTP.new(uri.host,uri.port)
    http.use_ssl = true
    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
    #Do post the URL
    response = http.post(uri.path,data.to_s,headers)
    #Check response
    if response.code != "200"
        flash[:alert] =":#{response.code}  #{JSON.parse(response.body)}"
    else
        #flash[:alert] ="#{response.body.to_json}"
        parsed = JSON.parse(response.body) # returns a hash
        token = parsed["access_token"]
        cookies[:token] = nil
        cookies[:token] = token      
        if grant_type == "authorization_code"
            #Insert BOX access token details
            user = "<your drive user name>"
            insert_access_token(user, token, parsed["refresh_token"], Time.now)
        else
            if grant_type == "refresh_token"
                #Update BOX access token 
                updt_access_token(user, token, code, parsed["refresh_token"], Time.now)
            end  
        end
        redirect_to box_api_index_path
    end
end

检查访问令牌是否过期

def check_access_token_expire_dt
    @access_token_time = BoxApiAccessToken.getaccesstokentime
    if !@access_token_time.blank?
        @access_token_time.each do |token_details |
            if token_details.access_token_dt != nil
                if token_details.new_access_token_dt.to_datetime.new_offset(Rational(9, 24)).strftime('%Y/%m/%d %H:%M') < Time.now.to_datetime.new_offset(Rational(9, 24)).strftime('%Y/%m/%d %H:%M')
                    check_access_token_expire_dt = "refresh_token-#{token_details.refresh_access_token}"
                    return check_access_token_expire_dt
                else
                    check_access_token_expire_dt = "access_token-#{token_details.access_token}"
                    return check_access_token_expire_dt
                end
            else
                check_access_token_expire_dt = "new_token-req_new_token"
                return check_access_token_expire_dt
            end
        end
    else
        check_access_token_expire_dt = "new_token-req_new_token"
        return check_access_token_expire_dt
    end
end

在模型中

def insert_access_token(user,access_token,refresh_access_token,access_token_dt)
    @box_access_token = BoxApiAccessToken.new(
            :user => user,
            :access_token => access_token,
            :refresh_access_token => refresh_access_token,
            :access_token_dt => access_token_dt)

            #Save User Device Data
            @box_access_token.save
end

#Update access_token,refresh_access_token,access_token_dt details in DB


 def updt_access_token(user,access_token, refresh_access_token,new_refresh_access_token,access_token_dt)
    #@box_access_token_updt = BoxApiAccessToken.find_refresh_access_token(refresh_access_token)
    @box_access_token_updt = BoxApiAccessToken.find_by_refresh_access_token(refresh_access_token)
    attributes = {:access_token => access_token,:access_token_dt => access_token_dt, :refresh_access_token => new_refresh_access_token, :updated_at => access_token_dt}
    #Update the object
    @box_access_token_updt.update_attributes(attributes)
end

在index.html.erb中

<%= form_tag(:controller => "box_api", :action => 'make_request') do |f| %>
<div class="form-group"><%= submit_tag("Box Login", class: "btn btn-primary") %></div><% end %>
0
投票
最新问题
© www.soinside.com 2019 - 2024. All rights reserved.