Can access token be longer than 255 characters?

╄→гoц情女王★ 提交于 2019-12-08 18:12:51

问题


When allowing login by OAuth (such as OpenID, Facebook, Twitter, etc), we save the access token given by the Oath provider in mysql database for future authentication. In some tutorials, the column for saving access token is varchar(255) and some use text. I wonder if the access token (by common websites such as facebook and twitter) is longer than 255 character needing text column. Should we consider this possibility?


回答1:


You won't run in to the problem with Facebook or Twitter from my experience (In 3+ years there hasn't been a problem for me on my systems storing it at length 255). That said, a quick search did bring up this question on Quora http://www.quora.com/OAuth-1/Whats-the-maximum-length-of-an-OAuth-access-token-key-secret-pair

This answer is incredibly old and incorrect. Look at the latest answers. Do not limit the size of the access token.




回答2:


I work at Facebook and I can give a definitive answer about this.

Please don't put a maximum size on the storage for an access token. We expect that they will both grow and shrink over time as we add and remove data and change how they are encoded.

We did give guidance in one place about it being 255 characters. I've updated the blog post that had that information and updated our new access token docs to include a note about sizes:

https://developers.facebook.com/docs/facebook-login/access-tokens/

Sorry for the confusion.




回答3:


this seems outdated... Facebook now may send tokens longer than 255 chars, at least for 60 day tokens (those substituting offline access).

Have you checked this related question?



来源:https://stackoverflow.com/questions/8098515/can-access-token-be-longer-than-255-characters

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!