OAuth using limilabs

+1 vote

Hi,
We are having a desktop application that fetch gmail data. Currently we are storing the username and password locally. But Now we are planing to use oauth. I have gone through your documentation and oauth working well.
But it is saying the access token will get expire in every one hour.

But we want that our application will ask for oauth permission only once. Even if they restart the machine and open it next day, we won't ask them to again accept our application.

Please help me in implementing that.

Thanks,
Sarathi

by (1.4k points)
Yes,
I'm following same documentation.
Shall we write the authorizationstate in a file and will read it anytime to refresh it?

71            // Build a generic URL containing the auth code.
72            // This is done here as we cannot modify the DotNetOpenAuth library
73            // and the underlying method only allows parsing an URL as a method
74            // of retrieving the AuthorizationState.
75            string url = "http://example.com/?code=" + authCode;
76            return ProcessUserAuthorization(new Uri(url), authorizationState);
77        }

What does example.com meaning here?
by (1.4k points)
"example.com" is explained in the comment. Writing to file is correct regarding OAuth process, but please remember that anyone can read this file. Encrypting this data would be good.
by (301k points)

1 Answer

0 votes

First of all make sure you are using OAuth 2.0.

You can always refresh your access token. We recommend storing entire IAuthorizationState object received from NativeApplicationClient.ProcessUserAuthorization method.

This object contains both: refresh token and access token, along with its expiration time.

Refreshing a token is simple:

IAuthorizationState grantedAccess = ...
consumer.RefreshAuthorization(grantedAccess, TimeSpan.FromMinutes(20));

You can find entire article here:
https://www.limilabs.com/blog/oauth2-gmail-imap-installed-applications

by (301k points)
Yes,
I'm following same documentation.
Shall we write the authorizationstate in a file and will read it anytime to refresh it?

71            // Build a generic URL containing the auth code.
72            // This is done here as we cannot modify the DotNetOpenAuth library
73            // and the underlying method only allows parsing an URL as a method
74            // of retrieving the AuthorizationState.
75            string url = "http://example.com/?code=" + authCode;
76            return ProcessUserAuthorization(new Uri(url), authorizationState);
77        }

What does example.com meaning here?
by (1.4k points)
...