我能够使用GoogleSignInAccount.getIdToken()
接收Google ID令牌,因此我对如何处理它有很少的疑问
- 令牌大约是1kb字符串。我不能用每个服务器请求发送它。那么正确的方法如何在Serveride上验证它?
- 我看不到刷新ID令牌的方法。这是在GoogleSignInAccount类中自动发生的吗?
- 在Google方面有任何限制(配额)吗?
1.对于不超载服务器,我们决定在相同的到期时间(1小时)
中生成内部(短)访问令牌2.可以通过再次调用登录函数来实现刷新:
private void loginGoogle(){
//context is Activity
GoogleSignInOptions gso = new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN)
.requestIdToken(context.getString(R.string.default_web_client_id)).requestEmail()
.build();
if (googleApiClient!=null) {
googleApiClient.stopAutoManage((FragmentActivity) context);
googleApiClient.disconnect();
}
googleApiClient = new GoogleApiClient.Builder(context)
.enableAutoManage((FragmentActivity) context, new GoogleApiClient.OnConnectionFailedListener() {
@Override
public void onConnectionFailed(@NonNull ConnectionResult connectionResult) {
Log.d("auth", "connection failed");
}
})
.addApi(Auth.GOOGLE_SIGN_IN_API, gso)
.build();
//
OptionalPendingResult<GoogleSignInResult> opr =
Auth.GoogleSignInApi.silentSignIn(googleApiClient);
if (opr.isDone()) {
GoogleSignInResult r = opr.get();
Log.d("auth", "google silent signin sync");
fillGoogleProfile(r.getSignInAccount());
} else {
opr.setResultCallback(new ResultCallback<GoogleSignInResult>() {
@Override
public void onResult(@NonNull GoogleSignInResult result) {
Log.d("auth", "google silent signin async");
if (result.getSignInAccount()==null) {
Intent signInIntent = Auth.GoogleSignInApi.getSignInIntent(googleApiClient);
//catch result in the onActivityResult
context.startActivityForResult(signInIntent, RC_SIGN_IN);
return;
}
fillGoogleProfile(result.getSignInAccount());
}
});
}
}
3.静止找不到答案