通过服务帐户使用 google 库访问驱动器 API 时是否需要显式刷新令牌?
Is there any need to refresh token explicitly when accessing drive API's using google libraries via Service Account?
我有一个用 Java 编写的应用程序,它使用 google 驱动器 API 的 SDK 通过服务帐户将文件上传到 Google 驱动器。我想了解我是否真的需要显式处理访问令牌过期问题,因为根据我的理解,SDK 本身会在令牌过期时检查并刷新令牌。
我可能是错的,但我没有找到任何关于服务帐户令牌刷新的文档。
我附上了 Google 授权的代码:
public void init() throws Exception {
// consider gAuth is a google_scret.json file
gAuth = SecretsUtil.getSecret("auth");
credentials = GoogleCredentials.fromStream(new ByteArrayInputStream(gAuth.getBytes()))
.createScoped(DriveScopes.all());
requestInitializer = new HttpCredentialsAdapter(credentials);
log.info("Google Auth Service Initialized");
}
public HttpRequestInitializer getCredential() {
return requestInitializer;
}
答案:
不用了,这个给你处理了
更多信息:
来自文档:
A service account uses an OAuth 2.0 flow that does not require human authorization. Instead, it uses a key file that only your application can access.
我们的想法是,服务帐户将继续 运行,做它需要做的事情,而不需要任何人的交互,所以客户端库会为您处理。
Access tokens issued by the Google OAuth 2.0 Authorization Server expire one hour after they are issued. When an access token expires, then the application should generate another JWT, sign it, and request another access token.
参考文献:
我有一个用 Java 编写的应用程序,它使用 google 驱动器 API 的 SDK 通过服务帐户将文件上传到 Google 驱动器。我想了解我是否真的需要显式处理访问令牌过期问题,因为根据我的理解,SDK 本身会在令牌过期时检查并刷新令牌。
我可能是错的,但我没有找到任何关于服务帐户令牌刷新的文档。
我附上了 Google 授权的代码:
public void init() throws Exception {
// consider gAuth is a google_scret.json file
gAuth = SecretsUtil.getSecret("auth");
credentials = GoogleCredentials.fromStream(new ByteArrayInputStream(gAuth.getBytes()))
.createScoped(DriveScopes.all());
requestInitializer = new HttpCredentialsAdapter(credentials);
log.info("Google Auth Service Initialized");
}
public HttpRequestInitializer getCredential() {
return requestInitializer;
}
答案:
不用了,这个给你处理了
更多信息:
来自文档:
A service account uses an OAuth 2.0 flow that does not require human authorization. Instead, it uses a key file that only your application can access.
我们的想法是,服务帐户将继续 运行,做它需要做的事情,而不需要任何人的交互,所以客户端库会为您处理。
Access tokens issued by the Google OAuth 2.0 Authorization Server expire one hour after they are issued. When an access token expires, then the application should generate another JWT, sign it, and request another access token.