问题描述
在请求OAuth凭据时,我可以将access_type指定为脱机"或在线".
When requesting OAuth credentials, I can specify the access_type to be Offline or Online.
选择在线访问"类型会强制用户在每次登录时批准对我的应用程序的访问.这是为什么?用户是否尚未批准我的应用?
Opting for the Online access type forces the users to approve access to my app each time they login. Why is that? Hasn't the user already approved my app?
更新#1:
我已将我的roval_prompt设置为自动".
如果我只是注销而不删除任何cookie的Google,它不会再提示我.但是删除Cookie会返回授权屏幕.
I have my approval_prompt set to 'auto'.
If I just log out of Google without deleting any cookies, it doesn't prompt me again. But deleting the cookies brings back the grant screen.
更新#2:
它可以在OAuth Playground上正常运行. http://code.google.com/oauthplayground/
It works fine through the OAuth Playground. http://code.google.com/oauthplayground/
将OAuth 2.0用于Web服务器应用程序 https://developers.google.com/accounts/docs/OAuth2WebServer
Using OAuth 2.0 for Web Server Applicationshttps://developers.google.com/accounts/docs/OAuth2WebServer
更新#3:相关代码段
用于生成OAuth URL的Helper方法
Helper method to generate OAuth URL
def build_auth_uri
return @client.authorization.authorization_uri(
:access_type => :online,
:approval_prompt => :auto
).to_s
end
在视图中调用Helper方法
Calling the Helper method in the View
<a href="<%= build_auth_uri %>"> Connect Me! </a>
网页上生成的OAuth URL
Generated OAuth URL on the webpage
https://accounts.google.com/o/oauth2/auth?access_type=online&approval_prompt=auto&redirect_uri=http://localhost:3000/gclient/gcallback&response_type=code
推荐答案
在这些流中还有另一个参数起作用,我怀疑您正在遇到它.这是approval_prompt
参数.
There is one other parameter that comes into play in these flows and I suspect you're running into it. It's the approval_prompt
parameter.
当access_type=online
时,还可以为approval_prompt
指定一个值.如果将其设置为approval_prompt=force
,则即使已授予用户权限,也会始终提示您.
When access_type=online
you are also allowed to specify a value for approval_prompt
. If it is set to approval_prompt=force
, your user will always be prompted, even if they have already granted.
另一方面,当access_type=offline
时,approval_prompt
只能设置为approval_prompt=force
,但是为了弥补此限制,您还提供了refresh_token
,可用于刷新访问令牌.
On the other hand, when access_type=offline
, approval_prompt
can only be set to approval_prompt=force
, but to make up for this restriction you're also provided a refresh_token
which you can use to refresh your access token.
检查您的access_type=online
正在打开的URL.尝试设置approval_prompt=auto
.授权屏幕仅应在第一次出现.
Check the URL that your access_type=online
is opening. Try setting approval_prompt=auto
. The grant screen should only appear the first time.
这篇关于什么时候access_type = Online适用? :OAuth2-Google API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!