Andre Goncalves
Andre Goncalves

Reputation: 3850

Omniauth google oauth2 strategy with offline access

I'm trying to get offline access token (refresh_token) with omniauth google-oauth2 strategy.

This is my omniauth initializer code:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, KEY, SECRET,
  :access_type => 'offline', 
  :scope => 'https://www.googleapis.com/auth/userinfo.profile'
end

When redirecting to google for the oauth2 authentication, it should add an extra URL parameter like &access_type=offline, but it fails to do so (it works fine if I add the parameter manually).

Am I missing something?

Upvotes: 1

Views: 1737

Answers (2)

Andre Goncalves
Andre Goncalves

Reputation: 3850

Fixed this by upgrading zquestz/omniauth-google-oauth2 to version 0.1.8. Apparently this problem only occurs in 0.1.7.

Upvotes: 1

y4ku
y4ku

Reputation: 513

If you are using Omniauth with zquestz's google_oauth2 strategy, then the default value for the access_type is offline if it is not specified.

From his github in *omniauth/strategies/oauth2/google_oauth2*:

def authorize_params
    base_scope_url = "https://www.googleapis.com/auth/"
    super.tap do |params|
      scopes = (params[:scope] || DEFAULT_SCOPE).split(",")
      scopes.map! { |s| s =~ /^https?:\/\// ? s : "#{base_scope_url}#{s}" }
      params[:scope] = scopes.join(' ')
      # This makes sure we get a refresh_token.
      # http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
      **params[:access_type] = 'offline' if params[:access_type].nil?
      params[:approval_prompt] = 'force' if params[:approval_prompt].nil?**
    end
  end

As a side note I believe the scope field is supposed to be in a hash: { :scope => userinfo.profile }.

Upvotes: 2

Related Questions