You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jul 10, 2023. It is now read-only.
I've noticed that tokens were "refreshed" every 25 seconds, where they are currently valid for 3 hours (10800 seconds). You will get that expiration span in the response of https://api.netatmo.com/oauth2/token in expires_in and expire_in. This is likely to clutter up their memory for valid access IDs.
Furthermore refreshing is implemented as first retrieval of the access token (transfering username, password, client_id and client_secret every 25 seconds). This is highly controversioal in terms operational security and an anti-pattern for oauth2. You should rather use the refresh_token to get a fresh access_token every $now + $expires_in - $threashold. It's also documentated in their api documentation: https://dev.netatmo.com/apidocumentation/oauth#refreshing-a-token
The text was updated successfully, but these errors were encountered:
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I've noticed that tokens were "refreshed" every 25 seconds, where they are currently valid for 3 hours (10800 seconds). You will get that expiration span in the response of
https://api.netatmo.com/oauth2/token
inexpires_in
andexpire_in
. This is likely to clutter up their memory for valid access IDs.Furthermore refreshing is implemented as first retrieval of the access token (transfering
username
,password
,client_id
andclient_secret
every 25 seconds). This is highly controversioal in terms operational security and an anti-pattern for oauth2. You should rather use the refresh_token to get a fresh access_token every$now + $expires_in - $threashold
. It's also documentated in their api documentation: https://dev.netatmo.com/apidocumentation/oauth#refreshing-a-tokenThe text was updated successfully, but these errors were encountered: