Gmail API:永久令牌访问
Gmail API: permanent token access
经过多次研究,我现在可以使用 PHP 代码检索我的 Gmail 收件箱。现在我想知道是否可以在不强制使用 OAuth 登录的情况下获得 API 的永久令牌访问权限。
我正在制作一个小型应用程序,它可以检索 3 个不同的 Gmail 收件箱,使用我的应用程序的人不会浪费时间授权我的 Gmail 应用程序访问不同的收件箱。
我的意思是,有没有一种方法可以避免每次我尝试检索我的 Gmail 收件箱时都进行授权,就像永久令牌访问一样,我只会获得一次,然后将其存储到我的数据库中?
感谢您的帮助。
没有永久令牌之类的东西,但是有刷新令牌:
Handling authorization
requests
Exchange the authorization code for an access token
The authorization code is a one-time code that your server can
exchange for an access token. This access token is passed to the Gmail
API to grant your application access to user data for a limited time.
If your application requires offline access, the first time your app
exchanges the authorization code, it also receives a refresh token
that it uses to receive a new access token after a previous token has
expired. Your application stores this refresh token (generally in a
database on your server) for later use.
Important: Always store user refresh tokens. If your application needs
a new refresh token it must send a request with the approval_prompt
query parameter set to force. This will cause the user to see a dialog
to grant permission to your application again.
这是来自 Gmail API Quickstart
的片段
// Refresh the token if it's expired.
if ($client->isAccessTokenExpired()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
}
经过多次研究,我现在可以使用 PHP 代码检索我的 Gmail 收件箱。现在我想知道是否可以在不强制使用 OAuth 登录的情况下获得 API 的永久令牌访问权限。
我正在制作一个小型应用程序,它可以检索 3 个不同的 Gmail 收件箱,使用我的应用程序的人不会浪费时间授权我的 Gmail 应用程序访问不同的收件箱。
我的意思是,有没有一种方法可以避免每次我尝试检索我的 Gmail 收件箱时都进行授权,就像永久令牌访问一样,我只会获得一次,然后将其存储到我的数据库中?
感谢您的帮助。
没有永久令牌之类的东西,但是有刷新令牌:
Handling authorization requests
Exchange the authorization code for an access token
The authorization code is a one-time code that your server can exchange for an access token. This access token is passed to the Gmail API to grant your application access to user data for a limited time.
If your application requires offline access, the first time your app exchanges the authorization code, it also receives a refresh token that it uses to receive a new access token after a previous token has expired. Your application stores this refresh token (generally in a database on your server) for later use.
Important: Always store user refresh tokens. If your application needs a new refresh token it must send a request with the approval_prompt query parameter set to force. This will cause the user to see a dialog to grant permission to your application again.
这是来自 Gmail API Quickstart
的片段// Refresh the token if it's expired.
if ($client->isAccessTokenExpired()) {
$client->fetchAccessTokenWithRefreshToken($client->getRefreshToken());
file_put_contents($credentialsPath, json_encode($client->getAccessToken()));
}