Google通讯录令牌过期

时间:2017-02-02 11:12:54

标签: delphi oauth-2.0 google-contacts delphi-6

我使用Google通讯录,一切正常。但一小时后我手动需要刷新授予的访问权限。根据这个SO question,我应该可以通过以下调用更新我的refresh_token:

refresh_token = requests.post(
  'https://accounts.google.com/o/oauth2/token',
   data={
       'client_id': APP_ID,
       'client_secret': APP_SECRET,
       'refresh_token': refresh_token,
       'grant_type': 'refresh_token',
   }
  )

我已将其翻译为此Delphi代码

var
  Http: TidHttp;
  URLString: string;
  Req, Resp: TStringStream;
begin
  Http := TidHttp.Create(nil);
  try
    URLString := 'client_id=' + FGoggleContacts.ClientID;
    URLString := URLString + '&client_secret=' + FGoggleContacts.ClientSecret;
    URLString := URLString + '&refresh_token=' + FGoggleContacts.RefreshToken;
    URLString := URLString + '&grant_type=refresh_token';

    Req := TStringStream.Create(URLString);
    Resp := TStringStream.Create('');
    HTTP.DoRequest(Id_HTTPMethodPost, 'https://accounts.google.com/o/oauth2/token', Req, Resp, []);

  finally
    Req.Free;
    Resp.Free;
    Http.Free;
  end;    
end;

但在调用时我收到http/1.1 400 bad request错误

简而言之,我如何保持与Google的联系?

更新

在@ mjn42的帮助下,我发现我在请求中遗漏了Content-Type。所以我写了一个新方法来刷新我的标记:

procedure TGContacts.RefreshTokens;
var
  Http: TidHttp;
  URLString: string;
  Req, Resp: TStringStream;
  JSon: ISuperObject;
begin
  Http := TidHttp.Create(nil);
  Req := TStringStream.Create('');
  Resp := TStringStream.Create('');
  try
    URLString := 'client_id=' + FClientID;
    URLString := URLString + '&client_secret=' + FClientSecret;
    URLString := URLString + '&refresh_token=' + FRefreshToken;
    URLString := URLString + '&grant_type=refresh_token';
    Req.WriteString(URLString);

    HTTP.Request.ContentType := 'application/x-www-form-urlencoded';
    HTTP.DoRequest(Id_HTTPMethodPost, 'https://accounts.google.com/o/oauth2/token', Req, Resp, []);
    if HTTP.ResponseCode = 200 then
    begin
      JSon := SO(UTF8Decode(Resp.DataString));
      FAccessToken := JSon['access_token'].AsString;
      if JSon['refresh_token'] <> nil then
        FRefreshToken := JSon['refresh_token'].AsString;
    end;

  finally
    Req.Free;
    Resp.Free;
    Http.Free;
  end;
end;

我只是在访问API之前调用它,然后令牌不会过期。

1 个答案:

答案 0 :(得分:2)

根据https://tools.ietf.org/html/rfc6749#section-6的规范,请求应使用内容类型:application / x-www-form-urlencoded 

POST /token HTTP/1.1
Host: server.example.com
Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
Content-Type: application/x-www-form-urlencoded

grant_type=refresh_token&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA
相关问题
最新问题