Refresh token is not returned after initial authorization

Question

This is a follow up to question Not receiving Google OAuth refresh token

The answer is "The refresh_token is only provided on the first authorization from the user."

After revoking rights for the app and trying to authorize again, refresh token is not returned. What I get is:

{ "access_token" : "XXXX..", "token_type" : "Bearer", "expires_in" : 3600, "id_token" : "XXXX..." }

Others suggested to use access_type=offline however, according to description offline access is used if:

"application needs to access a Google API when the user is not present at the browser"

which isn't the case for me.

What is a proper way to get refresh token?

Answer 1

Every time When you reload you application page , Access Token is Refreshed or you can say the refresh token for this purpose you should use the following but First You Need the authentication

  gapi.auth.getToken().access_token;

i am also doing the same thing by the following Way

   var accessToken = gapi.auth.getToken().access_token;
    var xhr = new XMLHttpRequest();
    xhr.setRequestHeader('Authorization', 'Bearer ' + accessToken);

You can use this to avoid your problem "refresh token is not returned".

Thank You!!

Answer 2

You only get a refresh token if access_type=offline is set. You have two choices of how to handle this:

1. Don't use access_type=offline. Your access token will be good for 1 hour. After the access token expires, re-prompt the user to authenticate again. They'll need to do the whole OAuth dance again so that you can get a new access token.

2. Use access_type=offline so that you can get a new access tokens via the refresh token. If you prefer, after the user logs out, you can revoke the tokens.