Youtube oAuth 2.0 API permanent code to retrieve tokens

后端 未结 2 1902
自闭症患者
自闭症患者 2020-12-20 06:55

Basically my goal is to make a form that allows every visitor of my website to upload a video in the comment section to my OWN channel. Currently I\'m using YouTube OAuth ve

相关标签:
2条回答
  • 2020-12-20 07:04

    Try to check if you follow the steps/process here in this documentation.

    1. Register your application as an installed application

    2. Request an access token

    3. User consent decision

    • In this step, the user decides whether to grant your application the ability to make API requests that are authorized as the user. Google's authorization server displays the name of your application and the Google API services that it is requesting permission to access with the user's authorization credentials. The user can then consent or refuse to grant access to your application.

    4. Handle response from Google

    5. Exchange authorization code for refresh and access tokens

    6. Process response and store tokens

    Here, Google will respond to your POST request by returning a JSON object that contains a short-lived access token and a refresh token.

    {
      "access_token" : "ya29.AHES6ZTtm7SuokEB-RGtbBty9IIlNiP9-eNMMQKtXdMP3sfjL1Fc",
      "token_type" : "Bearer",
      "expires_in" : 3600,
      "refresh_token" : "1/HKSmLFXzqP0leUihZp2xUt3-5wkU7Gmu2Os_eBnzw74"
    }
    

    NOte: Your application should store both values in a secure, long-lived location that is accessible between different invocations of your application. The refresh token enables your application to obtain a new access token if the one that you have expires. As such, if your application loses the refresh token, the user will need to repeat the OAuth 2.0 consent flow so that your application can obtain a new refresh token.

    Access tokens periodically expire, so it need to be refreshed. When an access token expires, your application may be able to use a refresh token to obtain a new, valid access token. Server-side web applications, installed applications, and devices all obtain refresh tokens during the authorization process.

    Note that tokens might stop, no longer work or expire if:

    • The user has revoked access.

    • The token has not been used for six months.

    • The user account has exceeded a certain number of token requests.

    0 讨论(0)
  • 2020-12-20 07:21

    You should follow KENdi's instructions on how to get the token -- he pretty much pulled it straight from the docs. But, you should only have to do that once. The trick is to save the refresh_token somewhere, and then use that to get a new access token before you want to upload a video. Here's my quick and dirty NodeJS solution:

    function getAccessToken () {
        const options = {
        method: 'POST',
        uri: 'https://accounts.google.com/o/oauth2/token',
        form: {
            client_id: 'YOUR_CLIENT_ID',
            client_secret: 'YOUR_CLIENT_SECRET',
            refresh_token: 'YOUR_REFRESH_TOKEN',
            grant_type: 'refresh_token'
          }
        }
    
        return request(options)
            .then(body => JSON.parse(body));
    }
    
    getAccessToken.then((token) => uploadSomeYoutubeVideo());
    
    0 讨论(0)
提交回复
热议问题