On 07/30/2013 06:46 PM, Patrick Ohly wrote:
> Also, after giving it some thought, I think that forcing the use
> refresh token can make sense in case of flaky servers or clock drift. So
> I'll add that capability to the plugin, and the proper sequence will
> look like this:
> - request a token and try to use it
> - if it's rejected, request a token again, with a flag that forces the
> use of refresh token
> - if the second token is also rejected, enable
> GSIGNOND_UI_POLICY_REQUEST_PASSWORD and try for the last time.
I agree, forcing refresh makes sense.
I just noticed that we didn't have Alberto on this part of the mail
thread. Adding him back.
So I've done and pushed all the updates to the OAuth plugin that we
- support for Google's login_hint (set 'UseLoginHint' to TRUE)
- support for forced use of refresh token (set 'ForceTokenRefresh' to TRUE)
- support for caching tokens according to scope (this is transparent,
but you need to create a new identity because the format of the token
cache has changed). You should be able to remove the workaround of using
several client IDs in SyncEvo now.