Not getting Refresh Token

[sheheryar-pirzada]

I'm not getting a refresh token with these settings

<GoogleLogin scope={SCOPE} clientId={keys.web.client_id} redirectUri={keys.web.redirect_uris} onSuccess={this.responseGoogle} onFailure={this.responseGoogle} responseType='token code' prompt='consent' accessType='offline' />

[sheheryar-pirzada]

<GoogleLogin scope={SCOPE} clientId={keys.web.client_id} redirectUri={keys.web.redirect_uris} onSuccess={this.responseGoogle} onFailure={this.responseGoogle} responseType='token code' prompt='consent' accessType='offline' />

[Shrikant9]

Is this supposed to be a 🐛 (bug) ?

I am expecting the same in response but couldn't find anything called refresh_token.

[jschell12]

Take note of the property accessType='offline' This returns a code in the onSuccess callback. You use this code on your server to obtain your refresh_token.

See the documentation here on what to do with it. (The link is to the Node.js version of the googleapi server-side library)

[adolfov]

@sheheryar-pirzada you need to set responseType="code"

[chitgoks]

i have actually gotten the refresh token but i am confused, because if i use this as the token in the header Authorization it does not work. weird.

also, i wonder why one cannot get a refresh token including other details. does this mean that you have to get the accessToken and other details via accessType=online first, then do another query to where accessType=offline and get the refresh token and use that as the token in the header authorization?

[TroutZen]

Okay these docs are misleading and the google docs themselves are not very thorough...

When accessType is 'offline' and responseType is 'code' what is returned is NOT the refresh_token, but the authorization_code. The authorization code can be exchanged for a refresh token either in one of a several ways:

1. HTTP request

2. Using a google oauth API e.g. here

So for me the flow is:

1. Get authorization code from ReactGoogleLogin using accessType=offline and responseType=code
2. Send authorization code to server
3. Server exchanges authorization code for refresh_token per the above options 1) or 2) above.

When I tried exchanging the auth code for a refresh_token I kept a getting invalid_redirect_url error from google. I was confused because the redirect urls specified in API console matched the redirect_url specified in the request.

The only thing that worked was a solution from an obscure SO post suggesting that I set the redirect_uri in the request to postmessage. Note. I actually didn't need a redirect_uri since I was grabbing the tokens from the response.

And now it works!

[chitgoks]

@TroutZen sorry i didnt understand what you said. did you get to make it work using non react code? can you please share how?

[TroutZen]

I got it to work using a mixture of ReactGoogleLogin to fetch the authorization_code on the client and using another API request to exchange the authorization code for a refresh_token (server-side) per the instructions here.

Note: When ReactGoogleLogin speaks of a refresh_token that is actually the authorization_code.

[chitgoks]

can you share to use here your solution? thank you

[manavkohli]

@TroutZen thank you for digging through this - have been running in circles thinking it was the refresh token

[kamal-hossain]

I tried to explain some issues for retrieving this Refresh token here.

https://dev.to/kamalhossain/refresh-token-problem-in-react-google-login-solved--1med

Hope this will help those, who are complaining that even after all the process is correct they are unable to retrive the refresh_token