1

I have built MVC app using OAuth 2.0 to Access Google APIs. On thirst call I receive an Access token + Refresh token. Next calls come without a Refresh token, its ok, I saved it on a first call. After 1 hour Access token expires and I need to get a new one, using previously saved refresh token.

  1. How do I check that Access token expired? Didnt see any IsExpired properties.

  2. What is the proper syntax to acquire a new Access token using Refresh token (for MVC app)? Couldnt find any reference or documentation how to do that. Should I write any new code or call existing API to do that? Where should I do that, in my HomeController's Index action or before calling any Google API?

My app is built as described in here (basically the same code), but no code to acquire a new Access token: https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth#web-applications-aspnet-mvc

Thank you

For more details I added here how I wrote the code.

HomeController:

    public async Task<ActionResult> Index(CancellationToken cancellationToken)
    {
        if (result == null || result.Credential == null)
        {
            result = await new AuthorizationCodeMvcApp(this, new AppFlowMetadata()).AuthorizeAsync(cancellationToken);
            if (result.Credential == null) return new RedirectResult(result.RedirectUri);
            if (!string.IsNullOrEmpty(result.Credential.Token.RefreshToken))
            {
                SaveRefreshTocken(result.Credential.Token.RefreshToken);
            }
        }
        return View();
    }

SaveRefreshTocken - just saves a Refresh token in web.config.

    public ActionResult Gmail()
    {
        if (result == null || result.Credential == null) throw new Exception("expired_credential");
        return PartialView(GmailManager.GetGmail(result.Credential));
    }

And, simplified GmailManager class:

public static class GmailManager
{
    public static List<Message> GetGmail(UserCredential credential)
    {
        var mygmail = new MyGmail();
        var service = new GmailService(new BaseClientService.Initializer { HttpClientInitializer = credential });
        var request = service.Users.Messages.List("me");
        request.Q = "in:inbox is:unread";
        var messages = request.Execute().Messages;
        return messages;
    }
}

Question - where and how should I USE refresh token? If I saved it, I would have to use it when Access token expires to get a new Access token, right?

However it doesnt seem like its trying to acquire a new access token automatically:

enter image description here

monstro
  • 6,254
  • 10
  • 65
  • 111
  • If you are using the Google .net client library it should fetch a new access token for you once the access token has expired. If your not then let me know I have a dummy class for doing this without Googles client library. – Linda Lawton - DaImTo Mar 01 '16 at 13:54
  • Hi DalmTo, yes, I am using Google Gmail API, Calendar API. So, you're saying when I make a call to create, lets say Gmail Service (var service = new GmailService(new BaseClientService.Initializer { HttpClientInitializer = credential });), it will acquire access token automatically, by itself? But what about the Refresh token, that I saved previously? When and where should I use it? – monstro Mar 01 '16 at 14:09
  • I added my code samples for more info. – monstro Mar 01 '16 at 14:17
  • Actually its GoogleWebAuthorizationBroker.AuthorizeAsync that handels it all for you so what you have posted isn't going to help much. When you create the credentials you will have to create your own implementation of Idatastore and send it your refresh token. By default the client library uses fileDataStore. – Linda Lawton - DaImTo Mar 01 '16 at 14:51
  • Yes, I have all that and it works just fine, in my AuthCallbackController. I am talking about *after* the User got authenticated, after he received access token + refresh token *for the first time*. After that, all next calls dont even go to AuthCallbackController. But in 1 hour access tocken expires and we need to get e new access token. As I understand, we always pass result.Credential (where result is AuthorizationCodeWebApp.AuthResult) when we make a call to API. result.Credential.Token has access token & refresh token in it. – monstro Mar 01 '16 at 18:12
  • Every call you make goes through the service the service was created with a credential if the credentials has a refreshToken it will automatically get a new access token when needed you don't need to worry about it – Linda Lawton - DaImTo Mar 01 '16 at 18:18

0 Answers0