danilopolani / gocialite

Social oAuth login in Go has never been so easy


New to OAuth, can I ask a question here?

leedstyh opened this issue · comments

In this example we get a token on this line of the function callbackHandler: user, token, err := gocial.Handle(state, code).

Is this the token that we can save on our own server, so that we can check whether it is valid when the user comes back next time?

My guess is if the token is not expired, we don't need to ask the auth server, is this right?

And what will the auth server return if the token is not valid, say the user revokes it?

If the guess above is right, can we add a new function to do the check? It would work like this:

func Check(token *oauth2.Token, provider string) (*structs.User, error) {
	if tokenIsNotExpired() {
		// no need to check with the auth server
		return user, nil
	}

	doCheck()

	if tokenIsInvalid() {
		// e.g. the user revoked the token
		return nil, someError
	}

	return user, nil
}

Hi @leedstyh, as written in the README:

The Handle() method returns the user info, the token and an error if there is one, or nil.
If there are no errors, in the user variable you will find the logged-in user's information and in the token one, the token info (it's an oauth2.Token struct).

The token is stored in the AccessToken field inside the token retrieved from Handle.

Handle() needs the state and code, which we get from the auth server, so do we have to check with the auth server every time the user visits the website?

I logged in to gitter.im with my GitHub account; after I revoked it I still have access to gitter.im, so I don't think Gitter checks with GitHub every time I visit.

I don't know how Gitter works, but I use OAuth only for creating the user the first time with all the information. I never cared about revoking, honestly, because if you revoke the permission, you still have access to your account via password, mh.

Oh OK, that makes sense. Thanks @danilopolani, nice project.