I am using oauth2 (node.js and the connect-oauth library) to connect to the Google contacts API version 3.0.
Doing so, I get a response such as:
{ access_token : "...",
"token_typen": "Bearer",
"expires_in" : 3600,
"id_token": "..." }
I am missing the refresh token used to get a new access token as soon as the latter is expired.
Options for OAuth2:
{ host: 'accounts.google',
port: 443,
path: '/o/oauth2/token',
method: 'POST',
headers:
{ 'Content-Type': 'application/x-www-form-urlencoded',
Host: 'accounts.google',
'Content-Length': 247 } }
post-body
redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback&grant_type=authorization_code&client_id=CLIENTID&client_secret=CLIENTSECRET&type=web_server&code=4%2F3gbiESZTEOjiyFPLUhKfE_a_jr8Q
NOTE: I tried to add approval_prompt=force from a similar question to the request-post_body but this resulted in an Error
{ statusCode: 400, data: '{\n "error" : "invalid_request"\n}' }
I am using oauth2 (node.js and the connect-oauth library) to connect to the Google contacts API version 3.0.
Doing so, I get a response such as:
{ access_token : "...",
"token_typen": "Bearer",
"expires_in" : 3600,
"id_token": "..." }
I am missing the refresh token used to get a new access token as soon as the latter is expired.
Options for OAuth2:
{ host: 'accounts.google.',
port: 443,
path: '/o/oauth2/token',
method: 'POST',
headers:
{ 'Content-Type': 'application/x-www-form-urlencoded',
Host: 'accounts.google.',
'Content-Length': 247 } }
post-body
redirect_uri=http%3A%2F%2Flocalhost%2Foauth2callback&grant_type=authorization_code&client_id=CLIENTID&client_secret=CLIENTSECRET&type=web_server&code=4%2F3gbiESZTEOjiyFPLUhKfE_a_jr8Q
NOTE: I tried to add approval_prompt=force from a similar question to the request-post_body but this resulted in an Error
{ statusCode: 400, data: '{\n "error" : "invalid_request"\n}' }
2 Answers
Reset to default 3NOTE: I tried to add approval_prompt=force from a similar question to the request-post_body but this resulted in an Error
You don't need the approval_prompt param when you ask for a token. The *approval_prompt* param is for the authorization part.
I am missing the refresh token...
The only way you DON'T get a *refresh_token* is when:
use the Client-side Applications flow;
include the access_type=online param in the authorization code request.
So, try adding: access_type=offline, to the authorization code request.
Edit:
i.e.:
https://accounts.google./o/oauth2/auth?client_id=**your_client_id**&scope=https://www.googleapis./auth/plus.me&redirect_uri=http://localhost&response_type=code&access_type=offline
If you're getting 400 is because you are adding an invalid parameter or missing one.
Good luck!
One time I did this was testing - I had deleted the google authorisation token from the app - so it tried to get another one and it did but without a refresh token.
So check the app you are testing is not authorised for the account you are testing from (does that make sense?)