0

I'm currently implementing GMail integration into a line of business web application (ASP.NET MVC) which will run across multiple servers behind a load balancer. Additionally there will be a console application, run by the scheduler, to perform regular jobs.

Multiple users will be using the web application – it is the business's backoffice – but there is only a single GMail account used for email communication with customers. Access to that GMail account will be authorised by an admin (users will not have direct access to the GMail account).

I know a single token store will be needed.

My problem is ensuring that when the OAuth 2 refresh token is used to renew the access token there is no concurrency issue.

I cannot cannot see any ability with the Google .NET OAuth2 Library to control when (eg. by seeing an event) the refresh takes place.

I could manually check the time to expiry before each access, but is there any better way?

(I still need to solve the problem of blocking other processes – including on other servers – from using the token while refreshing, but that is another problem.)

Community
  • 1
  • 1
Richard
  • 106,783
  • 21
  • 203
  • 265
  • refreshing a token is a single REST API call, so consider ditching the library and doing it yourself. That way you have absolute certainty and consistency. – pinoyyid Dec 09 '15 at 14:07
  • @pinoyyid I could, but I really do not have time to build a whole client stack if I can avoid it (OAuth is just the starting point). – Richard Dec 09 '15 at 14:12
  • @richartd I feel you. Problem is at some point you'll be faced with the dilemma, of whether it's ultimately more efficient to craft your own calls which are deterministic, or rely on libraries which are not open source and change underneath you. The whole OAuth dance boils down to just 3 rest calls. Anyways, best of luck. – pinoyyid Dec 09 '15 at 14:43

0 Answers0