file:// protocol. The application must be hosted on a server (can be localhost).
gapi.auth.setToken provide access to the auth token.
How do I refresh the auth token, and how often should I do it?
Refresh the token by calling
gapi.auth.authorize with the client ID, the scope and
immediate:true as parameters.
Currently, the auth token expires after one hour. A common practice is to refresh the auth token after 45 minutes. If you refresh the auth token too often (every five minutes, for example) you will run into the refresh rate limit. (The rate limit is per-user, so the number of user connections is not an issue.)
The auth token's
expires_in field will tell you the token's time to expiration.
The authSample.html file contains good examples of code that handles auth and token refreshes.
Since logging out of the application also logs the user out of the Google account, it is not recommended to log the user out unless the user requests this explicitly.