Hi Ishara, Thanks for the response. As per [1], [2] google refresh tokens never expires, quoting the statement "Refresh tokens are valid until the user revokes access. This field is only present if access_type=offline is included in the authorization code request" normally access tokens expires in 60 mins. Further more there are no password grant type in google. So we have to go to consent page to get the tokens. (Although there is a service account concept where we need to a key to get access)
[1] - https://developers.google.com/identity/protocols/OAuth2WebServer [2] - http://stackoverflow.com/questions/8953983/do-google-refresh-tokens-expire Thanks, On Wed, Jul 29, 2015 at 4:35 PM, Ishara Karunarathna <[email protected]> wrote: > Hi Rajith, > > On Wed, Jul 29, 2015 at 11:48 AM, Rajith Vitharana <[email protected]> > wrote: > >> Hi All, >> >> We are in the process of implementing Oauth2 support for google >> spreasheets API. We have used "google-api-client" for this >> purpose(dependency is in [1]) We are going to give a tool so that user can >> generate Access token, Refresh token and store them in the DBS file. (going >> to add the generation tool since google doesn't let us use Refresh tokens >> generated by other clients) >> > > What are the validity period of these refresh and access tokens. If > refresh token has limited time this approach also not going to work as you > expected. > In that case there should be a way to get a new toke if access token or > refresh token expired. even you should be able to handle token revocation > scenarios. > > Thanks, > Ishara > >> >> We thought of only to save Refresh token in the dbs file since the Access >> token will be expired after some time and it will make the dbs file contain >> wrong data. Our approach will be to request and get a access token in the >> dbs deployment time using the refresh token we have. Will this approach be >> good to tackle the situation? >> >> [1] - <dependency> >> <groupId>com.google.api-client</groupId> >> <artifactId>google-api-client</artifactId> >> <version>1.20.0</version> >> </dependency> >> >> Thanks, >> >> -- >> Rajith Vitharana >> >> Software Engineer, >> WSO2 Inc. : wso2.com >> Mobile : +94715883223 >> Blog : http://lankavitharana.blogspot.com/ >> > > > > -- > Ishara Karunarathna > Senior Software Engineer > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 > -- Rajith Vitharana Software Engineer, WSO2 Inc. : wso2.com Mobile : +94715883223 Blog : http://lankavitharana.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
