0

Permissible I have a service that provides to access another data service(googledrive).

Is this possible that saves access data of user for further using it?

User choose a googledrive in my service and i rederict he to authentication page of google. He accept this and working on this. Via some days he wants work on the googledrive service and he should be able do this without accepting. How can i do this?

I hope that i explain what wanting..

Regards beforehand!!

mimming
  • 13,974
  • 3
  • 45
  • 74
dilshod
  • 1,831
  • 2
  • 12
  • 11

1 Answers1

0

If the user is present/interacting with your app whenever you need to connect to the Drive API, then you don't need to do anything special. Whenever the access token expires (ever 1h) just reauthorize in a popup (or hidden iframe if you set immediate=true in the request) and this will generate a new access token without re-prompting the user. This works so long as the user doesn't revoke access to your app.

If you need to access Drive in background proceses or queues where you can't interact with the user, then include access_type=offline when making the initial authorization request. This will produce a refresh token in addition to the access token. The refresh token can be used to obtain new access tokens without user interaction so long as they haven't revoked access.

Steve Bazyl
  • 11,002
  • 3
  • 21
  • 24
  • Thanks, Steve for explianing! Now i have another question, so i don't create new one and asked there. How can i write specs(Rspec,Capybara e.t.) for this? How can authorize user in google and how get authoration_code for obtain access token from test code? Explain me, please! Where i may look for understand how write spec's like this. Thanks.... – dilshod Nov 21 '12 at 06:06
  • 1
    What exactly do you want to test? If you don't care about talking to a live server and just want to stub/mock the network calls, both signet & the google API client allow passing a connection in calls (:connection in the options hash.) The connection can be a stub that you can use to verify the right calls are being made and you can use Faraday's Stub connection class for this. If, on the other hand, you want integration tests that hit the real thing, then you'll likely want to some simple persistence of the access/refresh token in test setup so you don't need to reauthorize every test run. – Steve Bazyl Nov 26 '12 at 18:56