所以我有一个应用程序需要使用 OAuth2 访问来自 google 的数据。我有方法来刷新存储的数据并将新帐户添加到应用程序中。我一直在使用两个帐户进行测试。我用一个帐户登录没有问题,用那个帐户刷新就可以了(开始)。我可以同时登录我的第二个帐户并同时刷新两组数据。但是,在长时间缺席后,我回来尝试使用一个或两个帐户刷新,但它崩溃了。从我的日志中,我推断 token 不再有用,并且服务器已停止向我返回任何数据。每次我发送请求时,我首先使用我的刷新 token 刷新我的访问 token ,这些 token 保存在手机内存中。
Q1:我是否正确评估了问题,即我的代币有问题吗?
Q2:刷新 token 是否会在给定期限后过期?
如果是 Q3:我该怎么做才能解决这个问题?
这是我的一段代码,从 token 刷新到数据请求:
NSString *post = [NSString stringWithFormat:@"client_id=%@&client_secret=%@&refresh_token=%@&grant_type=refresh_token", mAuth.clientID, mAuth.clientSecret, [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]];
NSLog(@"AT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]);
NSLog(@"TT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"token_type %i", i]]);
NSLog(@"ET - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"expires_in %i", i]]);
NSLog(@"RT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]);
NSLog(@"%@", post);
NSMutableData *postData = [NSMutableData data];
[postData appendData:[post dataUsingEncoding:NSASCIIStringEncoding]];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc]init];
[request setURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://accounts.google.com/o/oauth2/token"]]];
[request setHTTPMethod:@"POST"];
[request setValue:postLength forHTTPHeaderField:@"Content-Length"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"Content-Type"];
[request setHTTPBody:postData];
NSURLResponse *response;
NSError *error;
NSData *connection = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error];
NSString *tokenString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
NSLog(@"%@", tokenString);
[self complexParseFromString:tokenString forInt:i];
NSLog(@"AT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]);
NSLog(@"TT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"token_type %i", i]]);
NSLog(@"ET - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"expires_in %i", i]]);
NSLog(@"RT - %@", [self.defaults objectForKey:[NSString stringWithFormat:@"refresh_token %i", i]]);
NSMutableURLRequest *GETRequest = [[NSMutableURLRequest alloc]initWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://www.googleapis.com/youtube/v3/channels?part=contentDetails&mine=true"]]];
[GETRequest setHTTPMethod:@"GET"];
[GETRequest setValue:@"www.googleapis.com" forHTTPHeaderField:@"Host"];
[GETRequest setValue:[NSString stringWithFormat:@"Bearer %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]] forHTTPHeaderField:@"Authorization"];
connection = [NSURLConnection sendSynchronousRequest:GETRequest returningResponse:&response error:&error];
responderString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
arrayChannel = [[NSMutableArray alloc]initWithArray:[self simpleParseFromString:responderString]];
GETRequest = [[NSMutableURLRequest alloc]initWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://www.googleapis.com/youtube/v3/playlistItems?part=contentDetails&playlistId=%@", [arrayChannel objectAtIndex:[arrayChannel indexOfObject:@"uploads"] + 1]]]];
[GETRequest setHTTPMethod:@"GET"];
[GETRequest setValue:@"www.googleapis.com" forHTTPHeaderField:@"Host"];
[GETRequest setValue:[NSString stringWithFormat:@"Bearer %@", [self.defaults objectForKey:[NSString stringWithFormat:@"access_token %i", i]]] forHTTPHeaderField:@"Authorization"];
connection = [NSURLConnection sendSynchronousRequest:GETRequest returningResponse:&response error:&error];
responderString = [[NSString alloc]initWithData:connection encoding:NSUTF8StringEncoding];
最佳答案
根据 https://developers.google.com/accounts/docs/OAuth2ForDevices
“访问 token 的生命周期有限。如果您的应用程序需要长时间访问 API,那么它可以使用刷新 token 来获取新的访问 token (请参阅使用刷新 token )。如果您的应用程序需要这种类型访问权限,那么它应该存储刷新 token 以供以后使用。”
注意:对于 Google,刷新 token 不会过期。但是,我也看到过刷新 token 过期的 oauth 提供程序。 AFAIK规范没有指定。
关于ios - Google OAuth token 在一段时间后停止工作(iOS 7 应用程序),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/22210442/