I suck at this thing, but the common oauth2 the flow is: -user redirected to identity provider for authorization google.com/blabla/cieintis=...&...redirect= -redirected to application app.com/authcode=... -the server side off app.com exchange "authcode + client id + client secret" per access token
The access token is always meant to be used server side and it generally expires. If you want to act on behalf of the user when he is offline you need a refresh token that you will exchange for a new access token whenever you need. The refresh token works until the user removes the authorization for your application, and you can ask as many access token as you want even if the last one has not expired. Oauth 2 defines other exchanges, like sometimes you can exchange client credentials per access token to act on behalf of the application. Google doesnt support this AFAIK. Eran Hammer, f*ck oauth2 http://hueniverse.com/2012/11/fuckoauth-realtimeconf/ El domingo, 13 de enero de 2013, Angel Java Lopez escribió: > Thanks to @jfroma! > > Ah!, I see.... the query string should have a: > access_type=offline > > The old trick of access_type=offline (Get Smart dixit ;-) > > That was my missing piece. I thought the code were for the online client, > only. > > The rest of the message, is for my records and mind sanity, not Node.js > related > > The other piece I misunderstood, it is the existence of a code at Dr.Edit > .NET sample > > https://code.google.com/p/google-drive-sdk-samples/source/browse/dotnet/DrEdit/Models/Utils.cs > ExchangeCode method uses: > > http://code.google.com/p/google-api-dotnet-client/source/browse/Src/GoogleApis.Authentication.OAuth2/DotNetOpenAuth/NativeApplicationClient.cs > and then, the method ProcessUserAuthorization by DotNetOpenAuth, I guessed > it was using something magic. > > Now, thanks to @jfroma response, I started to understand the server flow. > > Instead of using .NET code, I should have explore the Java example: > > http://code.google.com/p/google-api-java-client/source/browse/google-api-client/src/main/java/com/google/api/client/googleapis/auth/oauth2/GoogleAuthorizationCodeTokenRequest.java#80 > to understand the use of the code (retrieved in the first round to Google > OAuth dance), to get the token to be used at server side. > > Angel "PissedByOAuth2TokenDanceAndNotTheFirstTime" Lopez ;-) > > On Sun, Jan 13, 2013 at 11:13 AM, José F. Romaniello < > [email protected]> wrote: > > https://github.com/jfromaniello/refresh-token > https://github.com/jfromaniello/gapps-provisioning > > links > > > 2013/1/13 José F. Romaniello <[email protected]> > > Maybe you can use passport.js with google oauth2, ask for an access > token with 'offline ' so you can get a refresh token as well. I wrote > a module to autorefresh the tokens and i use it with a provisioning > client library i did, is on my github > > 2013/1/13, Angel Java Lopez <[email protected]>: > > Hi people! > > > > I just browsing Google Drive SDK: > > > > Google Drive Developers > > https://developers.google.com/drive/ > > > > There are many examples, in different technologies and languages. There > is > > a JavaScript client example: > > https://developers.google.com/drive/quickstart-js > > > > But I want to use Google Drive like in .NET and other examples in DrEdit > > > > Dr.Edit > > https://developers.google.com/drive/examples/index > > > > For example, the .NET example is an ASP.NET MVC 3 application, where the > > client side makes the OAuth2 web dance ;-), AND THEN SERVER SIDE calls > the > > google side so it can have access, TOO. > > > https://developers.google.com/drive/examples/dotnet#authorizing_a_code_passed_from_the_google_drive_ui > > They are using a library from Google > > http://code.google.com/p/google-api-dotnet-client/ > > > > There is a JavaScript client at: > > http://code.google.com/p/google-api-javascript-client/ > > BUT ORIENTED TO browser client > > > > Any module, or at least, clues of implementing Node.js server side google > > library like .NET one? > > The only reference I found was: > > > http://stackoverflow.com/questions/12131529/any-libraries-that-can-make-accessing-google-apis-as-a-service-account-simpler-f > > > > Angel "Java" Lopez > > @ajlopez > > github:ajlopez > > > > -- > > Job Board: http://jobs.nodejs.org/ > > Posting guidelines: > > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > > You received this message because you are subscribed to the Google > > Groups "nodejs" group. > > To post to this group, send email to [email protected] > > To unsubscribe from this group, send email to > > [email protected] > > For more options, visit this group at > > http://groups.google.com/group/nodejs?hl=en?hl=en > > > > -- > Enviado desde mi dispositivo móvil > > > -- > Job Board: http://jobs.nodejs.org/ > Posting guideli > > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to > [email protected]<javascript:_e({}, 'cvml', '[email protected]');> > To unsubscribe from this group, send email to > [email protected] <javascript:_e({}, 'cvml', > 'nodejs%[email protected]');> > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
