为什么我需要不断更新我的 Google 授权访问令牌?
Why do I need to constantly renew my Google Auth Access Token?
在 Php 中,我使用 Gmail API 阅读和删除来自通用电子邮件地址的邮件。
运行 非常完美,但我总是需要(每天几次)重新生成一个新的访问令牌,以便将我的脚本访问到邮箱,为什么?
我在 "force" 上指定了一个应该永远有效的批准提示。
最后一点,我将 Google 客户端库与作曲家一起使用(google/apiclient 2.0 版)
这是我的 Php 代码:
private function getClient()
{
$client = new \Google_Client();
$client->setApplicationName('My app');
$client->setScopes(\Google_Service_Gmail::MAIL_GOOGLE_COM);
$configPath = CONFIG . 'client_secret_123456790.apps.googleusercontent.com.json';
$client->setAuthConfig($configPath);
$client->setApprovalPrompt('force');
$client->setIncludeGrantedScopes(true);
$client->setLoginHint('email@example.com');
$client->setAccessType('offline');
$client->setPrompt('consent');
$tokenPath = CONFIG . 'token.json';
if (file_exists($tokenPath)) {
$accessToken = json_decode(file_get_contents($tokenPath), true);
$client->setAccessToken($accessToken);
}
// If there is no previous token or it's expired.
if ($client->isAccessTokenExpired()) {
// Refresh the token if possible, else fetch a new one.
if ($client->getRefreshToken()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
} else {
return false;
}
// Save the token to a file.
if (!file_exists(dirname($tokenPath))) {
mkdir(dirname($tokenPath), 0700, true);
}
file_put_contents($tokenPath, json_encode($client->getAccessToken()));
}
return $client;
}
It's running perfectly but I always need (several times per day) to regenerate a new access token to give access to my script to the mail box, why ?
Access tokens are only valid for one hour this is standard for Oauth. You are requesting off line access so there for have a refresh token which can be used to request a new access token from the authencation server.
I have specified an Approval Prompt on "force" which is supposed to work forever.
If you include approval Prompt on "force" in your request then it will force the user to login again and grant your application consent to the scopes. I have no idea where you got the idea that this cause it to work for ever.
Oauth2
You are using oauth2 access tokens expire after one hour using offline access will give you a refresh token which you can store and use to request a new access token when ever your access token expires
You appear to have implemented this already If its not working i sugest you check that the code is being hit and that you have not lost the refresh token somehow.
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
storing the refresh token
I cant find anywhere in your code that you are saving the refresh token When you authenticate the user the first time. You will get a refresh token back you should store this in a file somewhere then you can use it to create a new access token the next time you 运行 your script
$client->fetchAccessTokenWithRefreshToken("TokenFromFile");
The refresh token is only returned the first time the user authenticates your application or when you add approval prompt force. There should be no reason to over write this token unless you haven't used it for more than six months.
在 Php 中,我使用 Gmail API 阅读和删除来自通用电子邮件地址的邮件。 运行 非常完美,但我总是需要(每天几次)重新生成一个新的访问令牌,以便将我的脚本访问到邮箱,为什么?
我在 "force" 上指定了一个应该永远有效的批准提示。 最后一点,我将 Google 客户端库与作曲家一起使用(google/apiclient 2.0 版)
这是我的 Php 代码:
private function getClient()
{
$client = new \Google_Client();
$client->setApplicationName('My app');
$client->setScopes(\Google_Service_Gmail::MAIL_GOOGLE_COM);
$configPath = CONFIG . 'client_secret_123456790.apps.googleusercontent.com.json';
$client->setAuthConfig($configPath);
$client->setApprovalPrompt('force');
$client->setIncludeGrantedScopes(true);
$client->setLoginHint('email@example.com');
$client->setAccessType('offline');
$client->setPrompt('consent');
$tokenPath = CONFIG . 'token.json';
if (file_exists($tokenPath)) {
$accessToken = json_decode(file_get_contents($tokenPath), true);
$client->setAccessToken($accessToken);
}
// If there is no previous token or it's expired.
if ($client->isAccessTokenExpired()) {
// Refresh the token if possible, else fetch a new one.
if ($client->getRefreshToken()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
} else {
return false;
}
// Save the token to a file.
if (!file_exists(dirname($tokenPath))) {
mkdir(dirname($tokenPath), 0700, true);
}
file_put_contents($tokenPath, json_encode($client->getAccessToken()));
}
return $client;
}
It's running perfectly but I always need (several times per day) to regenerate a new access token to give access to my script to the mail box, why ?
Access tokens are only valid for one hour this is standard for Oauth. You are requesting off line access so there for have a refresh token which can be used to request a new access token from the authencation server.
I have specified an Approval Prompt on "force" which is supposed to work forever.
If you include approval Prompt on "force" in your request then it will force the user to login again and grant your application consent to the scopes. I have no idea where you got the idea that this cause it to work for ever.
Oauth2
You are using oauth2 access tokens expire after one hour using offline access will give you a refresh token which you can store and use to request a new access token when ever your access token expires
You appear to have implemented this already If its not working i sugest you check that the code is being hit and that you have not lost the refresh token somehow.
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
storing the refresh token
I cant find anywhere in your code that you are saving the refresh token When you authenticate the user the first time. You will get a refresh token back you should store this in a file somewhere then you can use it to create a new access token the next time you 运行 your script
$client->fetchAccessTokenWithRefreshToken("TokenFromFile");
The refresh token is only returned the first time the user authenticates your application or when you add approval prompt force. There should be no reason to over write this token unless you haven't used it for more than six months.