dongsuiying7773
2016-12-31 13:17
浏览 337
已采纳

PHP oauth2如何使用refresh_token

I´m a bit puzzled how to use auth_ and refresh_token correctly in php.

I have registered a new client app with the oauth-provider. After that my app sends the client-id and secret to the oauth2-authorization-endpoint which returns following:

Array
(
    [result] => Array
        (
            [access_token] => qjdcshsmgwcuvi7hzpgxwqapfb8aoab60fmprk1g
            [expires_in] => 86400
            [token_type] => Bearer
            [scope] => basic
            [refresh_token] => whnutk9npmaikcn1bxbovleuqn9ggn9j00jgyiph
        )

    [code] => 200
    [content_type] => application/json
) 

Great, I can now query the API by use of access_token. BUT the access_token will expire in 24h and the whole dance will start again.

Questions:

  • where do I store the access_token that the whole process does not run on every request? A session will not be persistent, in a conf file, memcache a DB?)
  • How to deal with the refresh token should I save a timestamp in the session and check if a new access_token has to be requested?
  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

1条回答 默认 最新

相关推荐 更多相似问题