几个月前,我创建了一个使用oauth2与google进行身份验证的rails应用程序 – 特别是omniauth-google-oauth2 gem.我已经完成了创建身份验证和存储刷新令牌的所有步骤,但最近oauth2停止发送’refresh_token’作为响应的一部分.最初我收到的回复包含:
credentials: {
refresh_token: XXX,token: YYY,expires_at: 1374840767,expires: true
},
现在我只收回一小时内到期的令牌:
credentials: {
token: YYY,
我真的不知道我在应用程序方面做了什么来改变这一点,所以我不确定谷歌是否有变化,或者我做了什么.对于上下文,我的代码如下:
初始化/ omniauth.rb:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2,'KEY','SECRET',{:scope => "userinfo.email,userinfo.profile,analytics.readonly,adsense.readonly"}
end
authentications_controller.rb是我收到响应的地方:
def create auth = request.env["omniauth.auth"] params = request.env["omniauth.params"] project = Project.find(params['project_id']) Authentication.create(:project_id => project.id,:provider => auth['provider'],:uid => auth['uid'],:access_token => auth['credentials']['refresh_token']) flash[:notice] = "Authentication successful." redirect_to owner_view_project_path(project) end
我的initializers / omniauth.rb文件中是否可能缺少某些内容?我已经尝试将以下内容添加到选项哈希中,但这似乎没有带回刷新令牌:
:approval_prompt => "force",:access_type => "offline"
任何帮助将不胜感激!提前致谢!
解决方法
提示:’consent’为您提供刷新令牌.像这样的东西应该工作:
Rails.application.config.middleware.use OmniAuth::Builder do
scopes = [
# we need the profile scope in order to login
"https://www.googleapis.com/auth/userinfo.profile",# this and other scopes could be added,but match them up with the
# features you requested in your API Console
"https://www.googleapis.com/auth/calendar"
]
provider :google_oauth2,GOOGLE_CLIENT_ID,GOOGLE_CLIENT_SECRET,{ scope: scopes.join(" "),access_type: 'offline',prompt: 'consent'}
end