{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 beautiful° 的问题《Get refresh token google api》','https://www.manongdao.com/q-40496.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I can't get my refresh token with my code. I can only get my access token, token type etc.,
I have followed some tutorials like putting access_type=offline on my login URL:
echo "<a href='https://accounts.google.com/o/oauth2/auth?"
. "access_type=offline&client_id=123345555.apps.googleusercontent.com& "
. "scope=https://www.googleapis.com/auth/calendar+https://www.googleapis.com/auth/plus.me&response_type=code& "
. "redirect_uri=http://www.sample.com/sample.php&state=/profile'>Google</a>";
and my fields in getting the access token:
$fields=array(
'code'=> urlencode($authcode),
'client_id'=> urlencode($clientid),
'client_secret'=> urlencode($clientsecret),
'redirect_uri'=> urlencode($redirecturi),
'grant_type'=> 'authorization_code',
);
but I can't get refresh_token, just the access_token, token_type, id_token and expires_in.
If I may expand on user987361's answer:
From the offline access portion of the OAuth2.0 docs:
So, when you have already granted access, subsequent requests for a
grant_typeofauthorization_codewill not return therefresh_token, even ifaccess_typewas set toofflinein the query string of the consent page.As stated in the quote above, in order to obtain a new
refresh_tokenafter already receiving one, you will need to send your user back through the prompt, which you can do by settingapproval_prompttoforce.Cheers,
PS This change was announced in a blog post as well.
OAuth has two scenarios in real mode. The normal and default style of access is called online. In some cases, your application may need to access a Google API when the user is not present,It's offline scenarios . a refresh token is obtained in offline scenarios during the first authorization code exchange.
So you can get refersh_token is some scenarios ,not all.
you can have the content in https://developers.google.com/identity/protocols/OAuth2WebServer#offline .
For our app we had to use both these parameters
access_type=offline&prompt=consent.approval_prompt=forcedid not work for usIt is
access_type=offlinethat you want.This will return the refresh token the first time the user authorises the app. Subsequent calls do not force you to re-approve the app (
approval_prompt=force).See further detail: https://developers.google.com/accounts/docs/OAuth2WebServer#offline
Hi I followed following steps and I had been able to get the refresh token.
Authorization flow has two steps.
Is to obtain the authorization code using
https://accounts.google.com/o/oauth2/auth?URL.For that a post request is sent providing following parameters.
'scope=' + SCOPE + '&client_id=' + CLIENTID + '&redirect_uri=' + REDIRECT + '&response_type=' + TYPE + '&access_type=offline'Providing above will receive a authorization code.Retrieving AcessToken and RefreshToken using
https://accounts.google.com/o/oauth2/token?URL. For that a post request is sent providing following parameters."code" : code, "client_id" : CID, "client_secret" : CSECRET, "redirect_uri" : REDIRECT, "grant_type" : "authorization_code",
So in your first attempt once you authorize the permissions you will be able to get the Refresh token. Subsequent attempts will not provide the refresh token. If you want the token again the revoke the access in you application.
Hope this will help someone cheers :)
Found out by adding this to your url parameters
approval_prompt=force