我是 iOS SDK 的作者。该isAuthorized方法只是对当前 OAuth2 令牌是否有效的最佳猜测。从文档中:
将 accessTokenExpiration 与当前时间进行比较以确定访问令牌是否有效。这不能保证访问令牌有效,因为它可能已被撤销或已刷新。
因为accessTokenExpiration没有被 Box iOS SDK 存储在任何地方,所以这个字段在初始化后将是 nil,即使加载了刷新令牌。
Box iOS SDK 的立场是 Box API 是状态的真实来源,并且不会尝试执行可以由服务器更可靠地处理的客户端检查。
重新加载 OAuth2 会话的推荐方法是像您所做的那样从钥匙串设置刷新令牌,然后发出“心跳”API 调用以触发自动刷新,或者如果刷新令牌无效则失败。
可以在Box iOS SDK 示例应用程序中找到一个示例
- (void)viewDidLoad
{
[[NSNotificationCenter defaultCenter] addObserver:self
selector:@selector(boxAPIAuthenticationDidSucceed:)
name:BoxOAuth2SessionDidBecomeAuthenticatedNotification
object:[BoxSDK sharedSDK].OAuth2Session];
[[NSNotificationCenter defaultCenter] addObserver:self
selector:@selector(boxAPIAuthenticationDidFail:)
name:BoxOAuth2SessionDidReceiveAuthenticationErrorNotification
object:[BoxSDK sharedSDK].OAuth2Session];
[[NSNotificationCenter defaultCenter] addObserver:self
selector:@selector(boxAPIInitiateLogin:)
name:BoxOAuth2SessionDidReceiveRefreshErrorNotification
object:[BoxSDK sharedSDK].OAuth2Session];
// attempt to heartbeat. This will succeed if we successfully refresh
// on failure, the BoxOAuth2SessionDidReceiveRefreshErrorNotification notification will be triggered
[self boxAPIHeartbeat];
}
- (void)dealloc
{
[[NSNotificationCenter defaultCenter] removeObserver:self];
}
- (void)boxAPIHeartbeat
{
[[BoxSDK sharedSDK].foldersManager folderInfoWithID:BoxAPIFolderIDRoot requestBuilder:nil success:nil failure:nil];
}
#pragma mark - Handle OAuth2 session notifications
- (void)boxAPIAuthenticationDidSucceed:(NSNotification *)notification
{
NSLog(@"Received OAuth2 successfully authenticated notification");
BoxOAuth2Session *session = (BoxOAuth2Session *) [notification object];
NSLog(@"Access token (%@) expires at %@", session.accessToken, session.accessTokenExpiration);
NSLog(@"Refresh token (%@)", session.refreshToken);
[self dismissViewControllerAnimated:YES completion:nil];
BOXAssert(self.viewControllers.count == 1, @"There should only be one folder in the hierarchy when authentication succeeds");
BoxFolderViewController *rootVC = (BoxFolderViewController *)self.topViewController;
[rootVC fetchFolderItemsWithFolderID:BoxAPIFolderIDRoot name:@"All Files"];
}
- (void)boxAPIAuthenticationDidFail:(NSNotification *)notification
{
NSLog(@"Received OAuth2 failed authenticated notification");
NSString *oauth2Error = [[notification userInfo] valueForKey:BoxOAuth2AuthenticationErrorKey];
NSLog(@"Authentication error (%@)", oauth2Error);
[self dismissViewControllerAnimated:YES completion:nil];
}
- (void)boxAPIInitiateLogin:(NSNotification *)notification
{
NSLog(@"Refresh failed. User is logged out. Initiate login flow");
dispatch_sync(dispatch_get_main_queue(), ^{
[self popToRootViewControllerAnimated:YES];
NSURL *authorizationURL = [BoxSDK sharedSDK].OAuth2Session.authorizeURL;
NSString *redirectURI = [BoxSDK sharedSDK].OAuth2Session.redirectURIString;
BoxAuthorizationViewController *authorizationViewController = [[BoxAuthorizationViewController alloc] initWithAuthorizationURL:authorizationURL redirectURI:redirectURI];
BoxAuthorizationNavigationController *loginNavigation = [[BoxAuthorizationNavigationController alloc] initWithRootViewController:authorizationViewController];
authorizationViewController.delegate = loginNavigation;
loginNavigation.modalPresentationStyle = UIModalPresentationFormSheet;
[self presentViewController:loginNavigation animated:YES completion:nil];
});
}
此视图控制器注册 OAuth2 通知,这些通知在成功刷新或注销时触发。在为这些回调注册的选择器中,您可以在应用中加载视图控制器或加载 BoxAuthorizationViewController 以登录用户。