Reputation: 3850
I'm trying to get offline access token (refresh_token) with omniauth google-oauth2 strategy.
This is my omniauth initializer code:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :google_oauth2, KEY, SECRET,
:access_type => 'offline',
:scope => 'https://www.googleapis.com/auth/userinfo.profile'
end
When redirecting to google for the oauth2 authentication, it should add an extra URL parameter like &access_type=offline, but it fails to do so (it works fine if I add the parameter manually).
Am I missing something?
Upvotes: 1
Views: 1737
Reputation: 3850
Fixed this by upgrading zquestz/omniauth-google-oauth2 to version 0.1.8. Apparently this problem only occurs in 0.1.7.
Upvotes: 1
Reputation: 513
If you are using Omniauth with zquestz's google_oauth2 strategy, then the default value for the access_type is offline if it is not specified.
From his github in *omniauth/strategies/oauth2/google_oauth2*:
def authorize_params
base_scope_url = "https://www.googleapis.com/auth/"
super.tap do |params|
scopes = (params[:scope] || DEFAULT_SCOPE).split(",")
scopes.map! { |s| s =~ /^https?:\/\// ? s : "#{base_scope_url}#{s}" }
params[:scope] = scopes.join(' ')
# This makes sure we get a refresh_token.
# http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
**params[:access_type] = 'offline' if params[:access_type].nil?
params[:approval_prompt] = 'force' if params[:approval_prompt].nil?**
end
end
As a side note I believe the scope field is supposed to be in a hash: { :scope => userinfo.profile }.
Upvotes: 2