google api - What does "offline" access in OAuth mean?


What does the word "offline" mean with regard to the offline access granted by an OAuth server?

Does it mean that the resource server will return data about the user when the user is logged out of the third-party application, or when the user is logged out of the OAuth resource server such as Facebook or Google or Twitter?

Offline access is IMO a bad name for it, and I think it is a term Google uses, not one in the OAuth RFC, as far as I remember.

What is Google offline access?

When you request offline access, the Google authentication server returns a refresh token. Refresh tokens give your application the ability to request data on behalf of the user when the user is not present and in front of your application.

Example of an app needing offline access:

Let's say I have a Super Awesome app that downloads your Google Analytics data, makes a nice PDF file and emails it to you every morning with your stats. For this to work, my application needs to have the ability to access your Google Analytics data when you are not around to give me permission to do that. So the Super Awesome app would request offline access and the authentication server would return a refresh token. With that refresh token, the Super Awesome app can request a new access token whenever it wants and get your Google Analytics data.

Example of an app not needing offline access:

Let's try a Less Awesome app that lets you upload files to Google Drive. The Less Awesome app doesn't need to access your Google Drive account when you are not around. It needs access when you are online. So in theory it wouldn't need offline access. But in practice it does: it still gets a refresh token so that it won't have to ask you for permission again. This is where I think the naming is incorrect.

Documentation stuff

If a refresh token is present in the authorization code exchange, then it can be used to obtain new access tokens at any time. This is called offline access, because the user does not have to be present at the browser when the application obtains a new access token.

The truth about offline access

The thing is that in a lot of cases the authentication server will return the refresh token to you no matter what: you don't have to ask for it, it just gives it to you. That gives you the ability to access the user's data when they aren't around. Users don't know that you could access their data without them being there. (It's the JavaScript library and, I think, the PHP library that hide the refresh token from you, but it's there.)

Example: you can test this by following the instructions for the Google 3-legged OAuth flow.

But posting:

    https://accounts.google.com/o/oauth2/token
    code={authcode}&client_id={clientid}.apps.googleusercontent.com&client_secret={clientsecret}&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code

Response:

    {
      "access_token" : "ya29.1.aadtn_vsbmc2ga2lhxstkjvq_roco8vbd6h01aj4pckhlm6qvhbntn-_bizxmw",
      "token_type" : "bearer",
      "expires_in" : 3600,
      "refresh_token" : "1/j-3zpa8xr1o_cxebv9sdkn_f5mtqafhkfxh-3pupij4"
    }

I have offline access to the user's data, and I never told them I have it.
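The situation the answer describes, as an added example that is not part of the original post: a client that inspects the token response, keeps the refresh token only when it really needs to act while the user is absent, and builds the refresh request that offline access makes possible. The helper names and the sample response are constructed for illustration; the endpoint is the one quoted in the post and the refresh grant follows RFC 6749 section 6.

```python
import json
from urllib.parse import urlencode

# Token endpoint as quoted in the post above.
TOKEN_ENDPOINT = "https://accounts.google.com/o/oauth2/token"

# Constructed sample response; the token values are placeholders, not real tokens.
SAMPLE_RESPONSE = json.dumps({
    "access_token": "ACCESS-TOKEN-PLACEHOLDER",
    "token_type": "Bearer",
    "expires_in": 3600,
    "refresh_token": "REFRESH-TOKEN-PLACEHOLDER",
})


def handle_token_response(raw_json, needs_offline):
    """Decide what to persist from a token response (hypothetical helper).

    Returns (tokens_to_store, finding). The refresh token is kept only when
    the application was designed to act while the user is absent.
    """
    resp = json.loads(raw_json)
    store = {"access_token": resp["access_token"],
             "expires_in": resp["expires_in"]}
    refresh = resp.get("refresh_token")
    if refresh and needs_offline:
        store["refresh_token"] = refresh
        finding = "offline access: store the refresh token encrypted"
    elif refresh:
        finding = "unrequested offline access: discard and revoke the refresh token"
    elif needs_offline:
        finding = "no refresh token: the user must re-authorize when the access token expires"
    else:
        finding = "online-only access"
    return store, finding


def refresh_grant_body(client_id, client_secret, refresh_token):
    """Form body of the RFC 6749 section 6 refresh request (hypothetical helper).

    This is what an application with offline access POSTs to TOKEN_ENDPOINT,
    with no user present, to obtain a new access token.
    """
    return urlencode({
        "grant_type": "refresh_token",
        "refresh_token": refresh_token,
        "client_id": client_id,
        "client_secret": client_secret,
    })
```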

