ruby-on-rails - Infinite Oauth token rotation for machine-to-machine connection
问题描述
I am trying to send a POST request to the https://apiexplorer.nationbuilder.com/ API as a side effect in a Rails controller.
As far as I can tell this API requires you to use OAuth 2.0. Is there a way to keep OAuth tokens alive forever, so that the end user doesn't have to know about third party API authentication?
I am thinking that requesting a new refresh token every X minutes in a CRON task and then storing it in either Rails server instance memory or DB (PG, Redis) might solve this issue, but if possible I would want to avoid these architecture changes.
I was also considering initializing the app with an access token and then refreshing the refresh token on every request, but what happens if no one uses the application for a long time and the access and refresh tokens expire?
EDIT:
It turns out that when it comes to the nationbuilder you can request the initial access_token and it never expires unless it is revoked.
But the general question in still ->
How would one keep expiring Oauth sessions alive on the server side without ever needing to ask for re-authentification?
解决方案
推荐阅读
- android - 意图进行另一个活动后如何在recyclerview中保存复选框的值
- javascript - RangeError:调度操作时超出了最大调用堆栈大小
- java - Google API 为 CDN 缓存失效抛出 Rate Limit Exceeded 403 异常
- javascript - 表格中某些列的水平滚动?
- amazon-web-services - 来自坏节点的 EMR 容器上的 SPARK
- javascript - 如何在 JavaScript 文件中配置类型以获取自动建议?
- ios - 如果我的模型对象的属性是自定义对象的数组,我如何让用户将对象附加到它?
- java - 来自命令行的 Spring Boot 参数
- bash - 优化查找 BASH 数组中最大元素的索引
- vb.net - 如何限制运行的应用程序数量?