oauth2.0 从 Google Fit 获取 永久 访问 令牌

2skhul33  于 2022-11-21  发布在  Go
关注(0)|答案(2)|浏览(172)

我 正在 尝试 从 Google Fit 中 提取 * * 我 自己 的 数据 * * 。 Google oAuth 2.0 要求 您 为 * * 任何 * * Google Fit API 请求 提供 访问 令牌 。 有 没有 什么 方法 可以 让 我 的 应用 程序 不 受 限制 地 访问 这些 数据 ? 我 使用 的 是 REST API 。

34gzjxbg

34gzjxbg1#

了解刷新令牌的概念。当访问令牌过期时,可以使用这些长期令牌来请求新的访问令牌。您可以通过向OAuth登录请求添加&access_type=offline&prompt=consent来从Google API获取刷新令牌,如this answer中所述。

laawzig2

laawzig22#

Is there any way I can let my application get unrestricted access to that data? I am using the REST API.
No. You must supply credentials with every request.
After you authenticate successfully, every subsequent request must contain the OAuth access token you received as part of the OAuth process in the Authorization header like this:

Authorization: Bearer ya29.OAuthTokenValue

In any REST API that is not open to everyone in the world, you will be required to identify yourself with credentials on every single request. That can be done either with a cookie, a header or a parameter in the URL. In the Google Fit case, it requires a header on every request.
This is explained on the Google developers site here .
These access tokens you get from the OAuth process are "short-lived". They do not last forever. So, you cannot just get one and use it forever. This is for security reasons.
Google explains this process more here: https://developers.google.com/fit/rest/v1/authorization

相关问题