在我读从Android应用验证后端呼叫（http://android-developers.blogspot.tw/2013/01/verifying-back-end-calls-from-android.html),我也读谷歌播放服务和OAuth身份工具（http://android-developers.blogspot.tw/2012/09/google-play-services-and-oauth-identity.html)和它说

你应该叫GoogleAuthUtil.getToken（）每套获取或职位的前拿到令牌，它的智能缓存左右适当的事情，而且也即将与令牌到期处理和刷新。

阅读句子后，我有三个问题。

，因为它需要调用 GoogleAuthUtil.getToken（）来每组获取或职位的前得到一个道理，我不知道是否 GoogleAuthUtil。为gettoken（）是线程安全的。

假设一个情景，我需要用我的服务器会定期在后台同步。我的服务器每一次我接触了一组HTTP请求之前，我需要调用 GoogleAuthUtil.getToken（）这样的请求可以有效令牌发送。

在另一方面端，当用户与我的应用程序进行交互，我也需要做同样的事情：打电话 GoogleAuthUtil.getToken（）来获得令牌和发送它拥有一整套的HTTP请求到我的服务器。由于用户可以与应用程序交互时，后台同步过程中， GoogleAuthUtil.getToken（）可在两个不同的线程在同一时间调用。因此，我想知道为gettoken（）是线程安全的。

2.Is有办法，我可以得到令牌到期时间，所以我可以缓存令牌？我检查了文件（的http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html)有没有一种方法是这样的。

3.Should我刷新令牌 GoogleAuthUtil.getToken（）的回报？如果它是，是否有这样做的一个方法是什么？或者，我应该叫 GoogleAuthUtil.getToken（）每次需要一个有效的令牌时的时间？

解决方案 我就不会担心线程安全的烦躁。我试图想什么可以去错了，因为一个线程碰撞的结果并没有什么飞跃在脑海中。

2及3.唯一有文字记录的方式找到令牌到期时间，是打tokeninfo终点，但我不认为你想添加一个HTTP往返用于这一目的。我想聪明的事情就是不断的打电话为gettoken（），它会确保你得到的回复是长寿命足够有用。它会刷新必要的，所以你不必。

After I read Verifying Back-End Calls from Android Apps (http://android-developers.blogspot.tw/2013/01/verifying-back-end-calls-from-android.html), I also read Google Play services and OAuth Identity Tools (http://android-developers.blogspot.tw/2012/09/google-play-services-and-oauth-identity.html) and it says

"You should call GoogleAuthUtil.getToken() to get a token before each set of GETs or POSTs; it’s smart about caching things appropriately, and also about dealing with token expiry and refresh. "

After reading the sentence, I have three questions.

Because it is necessary to call GoogleAuthUtil.getToken() to get a token before each set of GETs or POSTs, I wonder whether GoogleAuthUtil.getToken() is thread safe.

Suppose a scenario, I need to synchronize with my server periodically in the background. Before each time I contact with my server with a set of HTTP requests, I need to call GoogleAuthUtil.getToken() so requests can be sent with a valid token.

On the other hand side, when users is interacting with my app, I also need to do the same thing: call GoogleAuthUtil.getToken() to get token and send it with a set of HTTP requests to my server. Because users may interactive with the app when the background sync is in progress, GoogleAuthUtil.getToken() may be called in two different thread at the same time. Therefore, I would like to know whether getToken() is thread safe.

2.Is there a way that I can get the token expiry time so I can cache the token? I checked the document (http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html) there is no method like this.

3.Should I refresh the token that GoogleAuthUtil.getToken() returns? If it is, is there a method to do so? Or, should I call GoogleAuthUtil.getToken() every time when a valid token is needed?

解决方案

I wouldn't worry about thread-safe-ness. I’m trying to think what could go wrong as a result of a thread collision and nothing leaps to mind.

2 & 3. The only documented way to find the token expiry time, is to hit the tokeninfo endpoint, but I don't think you want to add an HTTP round-trip for this purpose. I think the smart thing is just to keep calling getToken() and it'll make sure that what you get back is long-lived enough to be useful. It'll refresh as necessary so you don't have to.