Is there any way I can let my application get unrestricted access to that data? I am using the REST API. No. You must supply credentials with every request. After you authenticate successfully, every subsequent request must contain the OAuth access token you received as part of the OAuth process in the Authorization header like this:
Authorization: Bearer ya29.OAuthTokenValue
In any REST API that is not open to everyone in the world, you will be required to identify yourself with credentials on every single request. That can be done either with a cookie, a header or a parameter in the URL. In the Google Fit case, it requires a header on every request. This is explained on the Google developers site here . These access tokens you get from the OAuth process are "short-lived". They do not last forever. So, you cannot just get one and use it forever. This is for security reasons. Google explains this process more here: https://developers.google.com/fit/rest/v1/authorization
2条答案
按热度按时间34gzjxbg1#
了解刷新令牌的概念。当访问令牌过期时,可以使用这些长期令牌来请求新的访问令牌。您可以通过向OAuth登录请求添加
&access_type=offline&prompt=consent
来从Google API获取刷新令牌,如this answer中所述。laawzig22#
Is there any way I can let my application get unrestricted access to that data? I am using the REST API.
No. You must supply credentials with every request.
After you authenticate successfully, every subsequent request must contain the OAuth access token you received as part of the OAuth process in the Authorization header like this:
In any REST API that is not open to everyone in the world, you will be required to identify yourself with credentials on every single request. That can be done either with a cookie, a header or a parameter in the URL. In the Google Fit case, it requires a header on every request.
This is explained on the Google developers site here .
These access tokens you get from the OAuth process are "short-lived". They do not last forever. So, you cannot just get one and use it forever. This is for security reasons.
Google explains this process more here: https://developers.google.com/fit/rest/v1/authorization