How to submit prompt=consent via ueberauth_google

Question

When a user has already given consent for an app (e.g. when a user abandons account creation during an initial attempt, then tries again), Google will not re-prompt for consent unless prompt=consent is passed (see documentation). Without prompting for consent, Google will not provide a refresh token to the calling server. And without a refresh token, the server cannot interact with the user's resources (e.g. sending email on the user's behalf).

ueberauth_google has a mechanism for setting approval_prompt, but this is a different parameter than prompt. Is there a way to send prompt=consent using ueberauth_google? (Note, if I add %26prompt%3Dconsent to the url that ueberauth_google sends me to, then Google does prompt me and our server does receive the refresh token.)

score 1 · Accepted Answer · answered Aug 29 '18 at 04:35

On your config.exs you need to add prompt: "consent"

config :ueberauth, Ueberauth,
  providers: [
    google:
      {Ueberauth.Strategy.Google,
       [
         access_type: "offline",
         prompt: "consent",
         default_scope:
           "https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/youtube.upload https://www.googleapis.com/auth/userinfo.profile"
       ]}
  ]

But this hasn't been merged to ueberauth_google yet. For the time being, you can go to your: deps/ueberauth_google/lib/ueberauth/strategy/google.ex

And edit this line manually

How to submit prompt=consent via ueberauth_google

1 Answers1