EDIT: Just published an npm module which should make things easier: https://www.npmjs.com/package/nsrestlet Was able to get some code working after hunting through GitHub Code commits. Still, bknights response is really good. Here’s what I got working. Assuming you have Node.js and npm installed, run: npm install request npm install [email protected] It’s really important that it’s … Read more
As pointed out in the comments by @Kuba Šimonovský the accepted answer is missing other important factors: Actually, it is much much much more complicated. TL;DR One can infer that the refresh token lifespan will be equal to the smallest value among (SSO Session Idle, Client Session Idle, SSO Session Max, and Client Session Max). … Read more
When the whole output is { iat: 1561463667 }, it means, that no extra payload/claims were added when the token was signed. The jsonwebtoken package usually adds iat (issuedAt, the time when the token was issued) as a default claim. In simple words: you can only decode claims, that were added before. To add more … Read more
I got the same problem recently and i solved it with this. <?php $client->setRedirectUri($this->_redirectURI); $client->setAccessType(‘offline’); $client->setApprovalPrompt(‘force’); I explain ….. Refresh token is not returned because we didnt force the approvalPrompt. The offline mode is not enought. We must force the approvalPrompt. Also the redirectURI must be set before these two options. It worked for me. … Read more
Try it with an AsyncTask like this: AsyncTask<Void, Void, String> task = new AsyncTask<Void, Void, String>() { @Override protected String doInBackground(Void… params) { String token = null; try { token = GoogleAuthUtil.getToken( MainActivity.this, mGoogleApiClient.getAccountName(), “oauth2:” + SCOPES); } catch (IOException transientEx) { // Network or server error, try later Log.e(TAG, transientEx.toString()); } catch (UserRecoverableAuthException e) … Read more
Managing a separate instance of GoogleApiClient in each activity will not result in the user being asked to sign in multiple times. Google+ Sign-in (ie. GoogleApiClient) provides an interface to the Google accounts on the device and the Google Play services core service – it doesn’t have state per GoogleApiClient instance. So once a device … Read more
Yes, the refresh token is used to obtain a new access token. When you request the access token for the first time, you usually start by sending a token request to the token endpoint, in case of the so called Resource Owner Password Credentials Grant with user credentials in the request header, e.g. grant_type=password&username=user1&passowrd=very_secret when … Read more
The requests package has a very nice API for HTTP requests, adding a custom header works like this (source: official docs): >>> import requests >>> response = requests.get( … ‘https://website.example/id’, headers={‘Authorization’: ‘access_token myToken’}) If you don’t want to use an external dependency, the same thing using urllib2 of the standard library looks like this (source: … Read more
Obtaining an App Access Token To obtain an App Access Token, invoke the following HTTP GET request: GET https://graph.facebook.com/oauth/access_token? client_id=YOUR_APP_ID &client_secret=YOUR_APP_SECRET &grant_type=client_credentials The API will respond with a query-string formatted string of the form: access_token=YOUR_APP_ID|YOUR_APP_ACCESS_TOKEN Reference: http://developers.facebook.com/docs/opengraph/howtos/publishing-with-app-token/