google-auth-library-python-oauthlib icon indicating copy to clipboard operation
google-auth-library-python-oauthlib copied to clipboard
verified publisher icon googleapis

Refresh_token not regenerated with current authorization_url defaults.

Open octaflop opened this issue 1 year ago • 0 comments

Thanks for stopping by to let us know something could be better!

PLEASE READ: If you have a support contract with Google, please create an issue in the support console instead of filing on GitHub. This will ensure a timely response.

Please run down the following list and make sure you've tried the usual "quick fixes":

  • Search the issues already opened: https://github.com/googleapis/google-auth-library-python-oauthlib/issues
  • Search StackOverflow: https://stackoverflow.com/questions/tagged/google-cloud-platform+python

If you are still having issues, please be sure to include as much information as possible:

Environment details

  • OS type and version:
  • Python version: python --version
  • pip version: pip --version
  • google-auth-oauthlib version: pip show google-auth-oauthlib

Steps to reproduce

  1. Auth and save a token.json
  2. Delete the token.json
  3. Try to use the token.json or note it doesn't have a refresh_token.
  4. The token.json will fail to work

Code example

def create_service() -> discovery:
    token_path = Path(__file__).parent / 'token.json'
    credentials_path = Path(__file__).parent / 'client_secrets.json'
    creds = None
    if token_path.exists():
        try:
            creds = Credentials.from_authorized_user_file(str(token_path), SCOPES)
        except ValueError:
            creds = None
    # If there are no (valid) credentials available, let the user log in.
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(
                str(credentials_path), SCOPES)
            try:
                creds = flow.run_local_server(port=8080, open_browser=False)

            except MismatchingStateError:
                print("State mismatch error during OAuth process. Trying again...")
                creds = flow.run_local_server(port=8080, open_browser=False)

        # Save the credentials for the next run
        with open(token_path, 'w') as token:
            token.write(creds.to_json())

    service = build('drive', 'v3', credentials=creds)
    return service

Stack trace

NA -- ValueError

Making sure to follow these steps will guarantee the quickest resolution possible.

Thanks!

Proposed fix (PR incoming)

add prompt=consent to the authorization_url as a default. As a current workaround I am finding this to work:

url_args = {
    'access_type': 'offline',
    'prompt': 'consent'
}
flow = InstalledAppFlow.from_client_secrets_file(
    str(credentials_path), SCOPES)
try:
    creds = flow.run_local_server(port=8080, open_browser=False, **url_args)

except MismatchingStateError:
    print("State mismatch error during OAuth process. Trying again...")
    creds = flow.run_local_server(port=8080, open_browser=False, **url_args)

octaflop avatar May 06 '24 20:05 octaflop