I'm working on authenticating REST API calls to a Firebase Realtime database and have decided to use Google OAuth2 access tokens to authorize the requests. I've followed this doc - https://firebase.google.com/docs/database/rest/auth
and used this code to generate new access tokens
from google.oauth2 import service_account
# Define the required scopes
scopes = [
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/firebase.database"
]
# Authenticate a credential with the service account
credentials = service_account.Credentials.from_service_account_file(
"path/to/serviceAccountKey.json", scopes=scopes)
# Or, use the token directly, as described in the "Authenticate with an
# access token" section below. (not recommended)
request = google.auth.transport.requests.Request()
credentials.refresh(request)
access_token = credentials.token
print(access_token)
My questions are -
- What is the expiry policy of these access tokens?
- how many of them can I generate?
- How can I fetch all the active tokens and remove one or more?
CodePudding user response:
What is the expiry policy of these access tokens?
Standard google access tokens last an hour.
how many of them can I generate?
I dont think there is a limit
How can I fetch all the active tokens and remove one or more?
You cant really access tokens are not stored they contained access. Look up bearer token.
None of those questions matter
You are using a service account. Service account is a different type of access its client access. Its not going to expire as long as you dont delete the service account.
