Refresh oauth2 token google api and HWIOAuthBundle

Question

How i can refresh token ? I use Google api with this token - it work but can't find how to refresh it, in this example we dont save expired time. I require

`access_type:     offline `

then

$client = new Google_Client();
        //$client->setClientId($GoogleClientId);
        $client->setApplicationName($GoogleAppName);
        $client->setClientId($this->user->getGoogleId());
        $client->setAccessType('offline');

if token is valid i can work but when is expired i try

$token = [
            'access_token' => $this->user->getGoogleAccessToken(),
            'expires_in'   => (new \DateTime())->modify('-1 year')->getTimestamp(),
        ];

i put this any date because in this example we don't save expired time

https://gist.github.com/danvbe/4476697

    $client->setAccessToken($token);

    if($client->isAccessTokenExpired()){

        $refreshedToken = $client->refreshToken($client->getAccessToken());

here i have error

array:2 [▼
  "error" => "invalid_request"
  "error_description" => "Could not determine client ID from request."
]

There is HwiAuthBundle method to refresh token ? Why this not work with Google_Client refresh ?

what's a getGoogleId? Client id is the client id from google developer console the one used to create the refresh token you are using. — Linda Lawton - DaImTo, Nov 10 '16 at 09:04
If you've not seen this thread, yet, it looks like they consider refreshing tokens a lower priority for that bundle: https://github.com/hwi/HWIOAuthBundle/issues/457 So, a total plug and play solution, this is not. — Cameron Hurd, Nov 11 '16 at 14:24

François LEPORCQ · Answer 1 · 2017-09-20T10:52:06.453

In oauth2.0 to refresh an expired access token you need to send to the endpoint :

a grant type equals to 'refresh_token'
a valid refreshToken
your clientId
and your clientSecret

You can't send an expired accessToken to get a new refreshed accessToken.

public function refreshAccessToken($refreshToken, array $extraParameters = array())
{
    $parameters = array_merge(array(
        'refresh_token' => $refreshToken,
        'grant_type' => 'refresh_token',
        'client_id' => $this->options['client_id'],
        'client_secret' => $this->options['client_secret'],
    ), $extraParameters);
    $response = $this->doGetTokenRequest($this->options['access_token_url'], $parameters);
    $response = $this->getResponseContent($response);
    $this->validateResponseContent($response);
    return $response;
}

function refreshAccessToken($refreshToken, ...

and not $accessToken

I think you need to call after construct your client with your credentials

$client = new Google_Client();
$client->setAuthConfig('client_secrets.json');
$client->refreshToken($client->getRefreshToken());

https://developers.google.com/api-client-library/php/auth/web-app#creatingcred

Are you sure of your $client->setClientId($this->user->getGoogleId()); ? What is getGoogleId() ? I think you need also to create a oauth client id : https://developers.google.com/identity/sign-in/web/devconsole-project

In oauth client_id is not the user id but the app id

The bundle already has a method to refresh a token: [GenericOAuth2ResourceOwner::refreshToken()](https://github.com/hwi/HWIOAuthBundle/blob/0.5.3/OAuth/ResourceOwner/GenericOAuth2ResourceOwner.php#L107), but there is no documentation how to implement it in the workflow as described [here](https://github.com/hwi/HWIOAuthBundle/blob/master/Resources/doc/4-integrating_fosub.md) — Stephan Vierkant, Sep 20 '17 at 09:01
yes but it 's explicit that you must pass a refreshToken and not an accessToken in the first parameter of the method refreshAccessToken. In oauth 2.0 to refresh an access token you need to send a valid refresh token a grant_type equals to 'refresh_token' and your client id and secret — François LEPORCQ, Sep 20 '17 at 10:32
Can you tick my answer ? i am doing a little contest with my colleagues i need some points. thanks ! — François LEPORCQ, Sep 26 '17 at 14:08

score -2 · Answer 2 · edited Nov 17 '17 at 10:38

-2

Sorry to upset you amigo, but it looks like that package doesn't implement any Refresh Token functionality. Or it's left up to you.

Here's the open issue in their GitHub, have a look: https://github.com/hwi/HWIOAuthBundle/issues/457

Here's a comment from the issue:

This feature exists, yet there is no easy use for it as you need to do everything on your own (dealing with storing more details about token, detecting the expiration, calling Google to get new token, and replacing old), only help from this bundle for now, it's code that allows you to ask Google for new fresh token: GenericOAuth2ResourceOwner::refreshToken(), it should work as expected, but I have not used this bundle for long time =)

People in there are waiting on a Gist (snippet of code) to show them how to do this, but so far nothing.

edited Nov 17 '17 at 10:38

Stephan Vierkant

9,674
8
61
97

answered Sep 19 '17 at 11:31

delboy1978uk

12,118
2
21
39

Not completely true. It does feature [a method](https://github.com/hwi/HWIOAuthBundle/blob/0.5.3/OAuth/ResourceOwner/GenericOAuth2ResourceOwner.php#L107) to refresh a token, but it isn't documented how to use it. I'm asking for a good example in addition to the documentation. – Stephan Vierkant Sep 19 '17 at 12:31
Your answer doesn't answer the question. You're stating that the bundle doesn't implement refreshing tokens, but it does. It's not documented though, and that's the reason this question came up in the first place. – Stephan Vierkant Sep 19 '17 at 20:08

Refresh oauth2 token google api and HWIOAuthBundle

2 Answers2