oauth 2.0 refresher
DESCRIPTION
São Paulo AdWords API WorkshopsTRANSCRIPT
![Page 1: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/1.jpg)
AdWords API Workshops – All rights reserved
![Page 2: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/2.jpg)
AdWords API Workshops – All rights reserved
OAuth 2.0
Cristiano Breuel, Google, Inc.
![Page 3: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/3.jpg)
AdWords API Workshops – All rights reserved
Agenda
1
2
3
4
5
1. O que é OAuth 2.0?
2. Preparação
3. Obtendo um Access Token
4. Detalhes do fluxo OAuth 2.0
5. Melhores Práticas
![Page 4: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/4.jpg)
AdWords API Workshops – All rights reserved
O que é OAuth 2.0?
![Page 5: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/5.jpg)
AdWords API Workshops – All rights reserved
O que é OAuth 2.0?
● Autorização para a API do AdWords
● Seguro
● Simples
● Padronizado
![Page 6: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/6.jpg)
AdWords API Workshops – All rights reserved
● Sem Nomes de usuário ou Senhas
● Só Tokens
● Controle de acesso Específico
● Escopo restrito
● Fácil de revogar
A segurança do OAuth2
![Page 7: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/7.jpg)
AdWords API Workshops – All rights reserved
A simplicidade do OAuth2
Interagir com a API do AdWords
Obter AcessoPedir aprovação
![Page 8: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/8.jpg)
AdWords API Workshops – All rights reserved
O padrão do OAuth2
● Você já viu essa janela?
● Consentimento do Usuário
● Aceitar
● Cancelar
![Page 9: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/9.jpg)
AdWords API Workshops – All rights reserved
2) Aceitar Consentimento
3) Troca de Código
O Fluxo OAuth2
Sua Aplicação
Usuário da MCC
Servidores do Google
1) Construir URL 4) Fazer Requisição 5) Renovar Accesso
Servidores OAuth2
A API do AdWords
Conceder Accesso Interagir com a API do AdWords
![Page 10: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/10.jpg)
AdWords API Workshops – All rights reserved
● refresh_token
● Atualiza o access_token
● Tempo de vida indefinido
● Armazene!
● access_token
● Para fazer requisições
● Tempo de vida 60 minutos
Acesso inclui 2 Tokens
![Page 11: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/11.jpg)
AdWords API Workshops – All rights reserved
● refresh_token
● Atualiza o access_token
● Tempo de vida indefinido
● Armazene!
● access_token
● Para fazer requisições
● Tempo de vida 60 minutos
Acesso inclui 2 Tokens
![Page 12: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/12.jpg)
AdWords API Workshops – All rights reserved
● refresh_token
● Atualiza o access_token
● Tempo de vida indefinido
● Armazene!
● access_token
● Para fazer requisições
● Tempo de vida 60 minutos
Acesso inclui 2 Tokens
![Page 13: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/13.jpg)
AdWords API Workshops – All rights reserved
Preparação
![Page 14: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/14.jpg)
AdWords API Workshops – All rights reserved
http://code.google.com/apis/console
● Obtenha uma identificação da aplicação● client_id● client_secret
Registre sua aplicação
![Page 15: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/15.jpg)
AdWords API Workshops – All rights reserved
Crie um novo projeto na Google API Console
![Page 16: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/16.jpg)
AdWords API Workshops – All rights reserved
Crie um client ID OAuth 2.0
![Page 17: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/17.jpg)
AdWords API Workshops – All rights reserved
Servidor web ou aplicação instalada?
Escolha Aplicação Instalada a menos que você tenha várias contas de clientes que precisam de autorização.
Escolha Aplicação em Servidor Web quando usar várias contas autorizadas separadamente.
![Page 18: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/18.jpg)
AdWords API Workshops – All rights reserved
Aplicação Instalada
Escolha seu tipo de aplicação
![Page 19: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/19.jpg)
AdWords API Workshops – All rights reserved
Agora, você tem um client_id e client_secret
![Page 20: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/20.jpg)
AdWords API Workshops – All rights reserved
Obtendo Acessoaccess_token & refresh_token
![Page 21: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/21.jpg)
AdWords API Workshops – All rights reserved
Para que serve o Token de Acesso?
Obter Acesso & Renovar TokensObter aprovação
![Page 22: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/22.jpg)
AdWords API Workshops – All rights reserved
Com ou sem Client Libraries
● Com Client Libraries
● Sem Client Libraries
![Page 23: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/23.jpg)
AdWords API Workshops – All rights reserved
● Verifique os detalhes da sua library!
● Exemplo:
● Executar script
● Autorizar aplicação
● Adicionar refresh_token à configuração
Client Libraries podem ajudar
![Page 24: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/24.jpg)
AdWords API Workshops – All rights reserved
1. Construir URL
2. Obter Consentimento
3. Receber Código de Autorização
4. Trocar Código por Token
5. Armazenar Credenciais
Como obter um Token de Acesso
![Page 25: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/25.jpg)
AdWords API Workshops – All rights reserved
https://accounts.google.com/o/oauth2/auth?
access_type=offline&
scope=https://adwords.google.com/api/adwords&
redirect_uri=urn:ietf:wg:oauth:2.0:oob&
response_type=code&
client_id=xxxxxxx.apps.googleusercontent.com
1. Construir uma URL
![Page 26: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/26.jpg)
AdWords API Workshops – All rights reserved
● Enviar Usuário
● Aceitar permissões
2. Obter Consentimento
![Page 27: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/27.jpg)
AdWords API Workshops – All rights reserved
> Enter authorization code here:
4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu
3. Receber Código de Autorização
![Page 28: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/28.jpg)
HTML
AdWords API Workshops – All rights reserved
POST /o/oauth2/token HTTP/1.1 Host: accounts.google.com Content-Type: application/x-www-form-urlencoded code=4/v6xr77ewYqhvHSyW6UJ1w7jKwAzu& client_id=xxxxxxx.apps.googleusercontent.com& client_secret={client_secret}& redirect_uri=& grant_type=authorization_code
4. Trocar Código por Token
![Page 29: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/29.jpg)
AdWords API Workshops – All rights reserved
{"access_token" : "yaxx.xxxxxxxxxxxx","token_type" : "Bearer","expires_in" : 3600,"refresh_token" : "1/xxxxxxxxxxxxxxxxxxxg"
}
5. Armazenar Credenciais
![Page 30: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/30.jpg)
AdWords API Workshops – All rights reserved
Tipos de Fluxos OAuth 2.0
![Page 31: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/31.jpg)
AdWords API Workshops – All rights reserved
O Google suporta cenários OAuth 2.0 comuns
● Aplicações Instaladas
● Aplicações em Web Server
● Aplicações em devices com input limitado
Fluxos OAuth 2.0 Suportados pelo Google
![Page 32: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/32.jpg)
AdWords API Workshops – All rights reserved
Diferenças entre fluxos
Registro no Console de API
Usar código de Autenticação
Client Secret
Renovação de Token
Redirecionamento
Aplicações Instaladas
Requerido Sim Requerido Disponível URL, Texto
Aplicações em Web Server
Requerido Sim Requerido Disponível URL
Aplicações em devices com input limitado
Requerido - Requerido Disponível -
![Page 33: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/33.jpg)
AdWords API Workshops – All rights reserved
Melhores Práticas
![Page 34: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/34.jpg)
AdWords API Workshops – All rights reserved
● Use tipo de acesso offline para obter um refresh_token
● Armazene o refresh_token para obter um novo access_token
● Use a estrutura da MCC● Autorize a MCC de nível mais alto
Melhores Práticas
![Page 35: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/35.jpg)
AdWords API Workshops – All rights reserved
Armazenamento & Compartilhamento
● Armazene os Tokens de Acesso● Armazene o timestamp e o tempo de validade do token de
acesso● Compartilhe Tokens de Acesso entre Threads
![Page 36: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/36.jpg)
AdWords API Workshops – All rights reserved
● AuthenticationError.OAUTH_TOKEN_INVALID○ Quando: Token de Accesso expirado○ Solução: obtenha um novo Token de Acesso com um Refresh
token
● AuthenticationError.INVALID_GRANT_ERROR○ Quando: Refresh Token revogado○ Solução: re-autentique a aplicação com consentimento do
usuário
Informações Úteis sobre Erros
![Page 37: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/37.jpg)
AdWords API Workshops – All rights reserved
Apêndice
![Page 38: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/38.jpg)
AdWords API Workshops – All rights reserved
Recursos
![Page 39: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/39.jpg)
Links:
https://developers.google.com/accounts/docs/OAuth2
https://developers.google.com/accounts/docs/OAuth2WebServer
https://developers.google.com/accounts/docs/OAuth2InstalledApp
https://developers.google.com/adwords/api/docs/authentication#oauth
https://code.google.com/apis/console
Resources
![Page 40: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/40.jpg)
AdWords API Workshops – All rights reserved
Perguntas?
![Page 41: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/41.jpg)
AdWords API Workshops – All rights reserved
![Page 42: OAuth 2.0 refresher](https://reader034.vdocuments.net/reader034/viewer/2022050804/54bf19c34a795908368b4602/html5/thumbnails/42.jpg)
AdWords API Workshops – All rights reserved
Escolha acesso offline quando suas aplicações funcionam sem interação com o usuário
Acesso offline é bom para aplicações típicas da API do AdWords que acessam servidores do Google para obter dados e atribuir valores em background.
Offline ou Online?