dongsuiying7773 2016-12-31 13:17
浏览 346
已采纳

PHP oauth2如何使用refresh_token

I´m a bit puzzled how to use auth_ and refresh_token correctly in php.

I have registered a new client app with the oauth-provider. After that my app sends the client-id and secret to the oauth2-authorization-endpoint which returns following:

Array
(
    [result] => Array
        (
            [access_token] => qjdcshsmgwcuvi7hzpgxwqapfb8aoab60fmprk1g
            [expires_in] => 86400
            [token_type] => Bearer
            [scope] => basic
            [refresh_token] => whnutk9npmaikcn1bxbovleuqn9ggn9j00jgyiph
        )

    [code] => 200
    [content_type] => application/json
) 

Great, I can now query the API by use of access_token. BUT the access_token will expire in 24h and the whole dance will start again.

Questions:

  • where do I store the access_token that the whole process does not run on every request? A session will not be persistent, in a conf file, memcache a DB?)
  • How to deal with the refresh token should I save a timestamp in the session and check if a new access_token has to be requested?
  • 写回答

1条回答 默认 最新

  • dongshao1021 2016-12-31 13:52
    关注

    If you only use those tokens when your user is online (as in signed in to your application), then I would store it in a session variable. If you'll also use the tokens when the user is not online, it would be recommended to store them in a database. In the first case, you'll receive a refresh token every time the user signs in. In the second case, you'll receive a refresh token only once (i.e. when the user links their 3rd party account to your application).

    To answer your second question, it would be advisable to store the expiry timestamp with the access_token.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 PADS Logic 原理图
  • ¥15 PADS Logic 图标
  • ¥15 电脑和power bi环境都是英文如何将日期层次结构转换成英文
  • ¥20 气象站点数据求取中~
  • ¥15 如何获取APP内弹出的网址链接
  • ¥15 wifi 图标不见了 不知道怎么办 上不了网 变成小地球了
  • ¥50 STM32单片机传感器读取错误
  • ¥50 power BI 从Mysql服务器导入数据,但连接进去后显示表无数据
  • ¥15 (关键词-阻抗匹配,HFSS,RFID标签天线)
  • ¥15 机器人轨迹规划相关问题