Server request Google Calendar API use access token from client

Question

We're developing a IOS App, it uses GoogleSignIn and GoogleAPIClientForREST to gets the user's calendar.

The normal flow is that the client user log into Gmail, then authorizes it, and then the client get the access token, and use the token to request the user's calendars,

Now we want to do this, our App gets the access token, uploads the token to our server, then server uses the token to request the user's calendars, Eventually, our server will regularly use much number of different users' access token to request Google Calendar api.

Do Google support this? Are there any restrictions or limit?

Thanks!

Answer 1

In fact, the client just uploads refresh token to server, then server use it to get access token, and use access token to get calendar events.

Answer 2

The main problem you are going to have is that an access token is only good for one hour. So unless you are expecting the user to login every hour and give you a new access token for your backend application this is not going to work.

Second i am not sure how IOS signin works i am not even sure that you can get the code to give you an access token to upload to your backend server. Not to mention that passing around an access token even on a secure connection probably isnt the best design idea.

You might be better off codding this all server sided and having your IOS application rather than connecting via ios directly.

I am not an IOS developer so cant really help you much.