access-token

问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 5 years ago . Like many other people on the web I was worrying about the expiration of the 60-day access tokens because my app will do some async publishing and I cannot initiate re-athorization because those jobs run on the backend without any user-involvement. Then I disovered that there are "App access Tokens" (http:/

问题 I am trying to develop a simple tool that uses Authlib OAuth2 server to get refresh tokens but example server here does not issue a refresh token. When I print the token I get the following: {'access_token': '....', 'scope': 'profile', 'token_type': 'Bearer', 'expires_in': 864000, 'expires_at': 1532191887} The flow is Authorization code as referred here; first I handle the consent part: client_id = '...' client_secret = '.....' scope = '...' session = OAuth2Session(client_id, client_secret,

问题 I'm using spring-security-oauth2-client for the authentication in my project, but the library expects a "token_type" to be present in the response of the POST-request to https://www.linkedin.com/oauth/v2/accessToken. The library is built following the OAuth2 convention, but LinkedIn is not following this convention. The AccessToken convention: https://tools.ietf.org/html/rfc6749#section-5.1 Does anyone have a fix for this problem? I temporarily cloned one of the child libraries of spring

问题 I'm currently using OAuth 2.0 to access the Google API. From my understanding, I should use the returned refresh token to renew the access token. Should this be refreshed before it expires or should it be when the user requests data from the api using an access token that has expired? If it should be done before it expires, should I just be running a cron job to update out of date tokens? I'm using node.js and mongodb, if that has any bearing on the recommended solution. Thanks a lot! 回答1: It

问题 1 - Is possible to run upload/download of files to google Drive API using always the same access token, a sort of shared host for all my site's users, where they can upload and download directly files? if yes how to do that? Just using "static" access token variable in php client creation/authorization? 2 - Why i setted up my web application project on google api console enabling Gdrive api and it still tells me that my redirect url mis-match? i created the app about mmm... 2/3 hours ago.

问题 I'm having an iOS app where the user authenticates with Facebook on the device and also communicating with my server API. Authentication Today I'm sending the Facebook user access token (over SSL) and the server verifies the token with Facebook. Thats the authentication mechanism for the API. Session token Instead of using a generated token to user for all future API calls, I use the Facebook access token as the session token as well. This makes it a lot easier on the device as you don't have

问题 If my user uses oauth v2 to cloud print to get a credential, how do I get a credential that is good for at least 48 hours? We need to be able to get access to the printer, and keep it for some days. (Conceivably we could require the user to re auth to google once or twice a week, but certainly not more.) If google cloud print can't do this, what system can? (Require cross platform printing, from cloud to win, osx and linux, also require ability to do raw printing to local printer, not just

问题 I have a web api 2 app which I call to using an angularjs client. The web api app is capable of issuing access tokens and refresh tokens for authentication. Having the following lines in the "GrantResourceOwnersCredentials" method, the CORS is working fine for allowing to issue access tokens: var allowedOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin"); if (allowedOrigin == null) allowedOrigin = "*"; context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[

问题 I'm posting automatically news from web site to FaceBook: www.rybnik.com.pl -> rybnikcompl It worked fine for a few months. But 2 days ago I noticed error: "The user must be an administrator of the page in order to impersonate it." As I know nothing changed in user, application rights, access token, etc. The sending script (in PHP) is also fine - it is still sends post from another sites to FaceBook (of course with another ids and tokens). The strange thing I saw is that on the page: https:/

问题 I'm trying to understand how to use a OAuth2RestTemplate object to consume my OAuth2 secured REST service (which is running under a different project and let's assume also on a different server etc...) f.e. my rest service is: https://localhost:8443/rest/api/user -> Accessing this URL generates an error as I am not authenticated To request a token I would go to: https://localhost:8443/rest/oauth/token?grant_type=password&client_id=test&client_secret=test&username= USERNAME &password= PASSWORD