Stuart Laverick - 2012-12-12 19:53:13 - In reply to message 2 from Manuel Lemos
Googles API OAuth server uses refresh tokens: developers.google.com/accounts/docs ...
Without wanting to hack the class, how would you recommend we capture the returned refresh token?
I can see how to add the access_type=offline to the url between the Initialize call and the Process call, but the Process function does not capture the refresh_token parameter returned from the server, so I cannot store it via my overloaded StoreAccessToken.
Any help appreciated, thanks.
Manuel Lemos - 2012-12-12 23:04:21 - In reply to message 3 from Stuart Laverick
I may need to study this further but the way I see it, refresh tokens are for when the current token expires. So a check could be placed before the next API call and attempt to get a new token.
The new token replaces the old one, so I do not follow why do you think StoreAccessToken would be an appropriate way to update a refreshed token.
Just keep in mind that since tokens are meant to be used for offline access, using the default storage that relies in sessions, is not a good solution to store tokens because when the user is not present the sessions do not exist.
Stuart Laverick - 2012-12-13 10:43:47 - In reply to message 4 from Manuel Lemos
I have over loaded the StoreAccessToken and GetAccessToken so they both store to the DB locally.
For offline access the Google tokens are short lived (3920 seconds) and will require a new authentication if left to expire.
My plan is to store the refresh token and before each API call to check the expiry on the stored access token, if too old, then use the refresh token to get a new access token.
My only problem is getting and storing the refresh token, as it is passed back as part of the authentication process if access_type=offline is passed in the request. However your class does not pass this through to StoreAccessToken, so I cannot get it to store for later use.
Manuel Lemos - 2012-12-20 04:17:33 - In reply to message 5 from Stuart Laverick
I have not studied this in depth because I did not yet had the time, but the way I see it to get also a refresh token is just a matter of adjusting the dialog URL to include the access_type=offline parameter.
If a refresh token is returned by the server, the class would pass it to the StoreAccessToken function.
Then just use CallAPI to get a new access token, but I've been looking into google (as my other post) and I'm not sure where I could change this class to set the new parameters, I know which need to be set but seeing them is a different issue :P.
if you could give me the line which first calls the api (after initialisation) then it would be simples :P (just a case of editing the URL parameters (as stated above =])).
The approval prompt will work as is first time but if you do not save it it will try and make a new access token without offline access if this happens replace 'auto' with 'force' and it will take you back to the approval page.
to gather the refresh token refer to my post above (may be out by 3 or 4 lines because i added the box functionality to the class previously)
i'm not sure where to go from here though, Thank you for this wonderful class =] it has already helped me heaps and bounds and now I just need to get files via Drive (i am lost with that XD) but thanks again =]