5

I'm playing a bit with OAuth 2.0 in combination with some Google API. Although the authorization process is quite easy, I'm facing a problem with the automatic authorization after the initial authorization has been completed.

So: 

1. Authorization is done for the first time. (user grants access, I get the token etc etc)
2. User exits the application
3. User starts the application again
4. How to logon automatically here?

At point 4, I do have a refresh_token so I should just request a new token using that request_token. But I still keep getting 401 Unauthorized results on my calls.

So what I try to do is that my application can logon silently so that the user doesn't have to grant access every time.

Rhapsody
  • 6,017
  • 2
  • 31
  • 49

2 Answers2

2

You should be able to refresh OAuth 2.0 token using the following request:

POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded

client_id=21302922996.apps.googleusercontent.com&
client_secret=XTHhXh1SlUNgvyWGwDk1EjXB&
refresh_token=1/6BMfW9j53gdGImsixUH6kU5RsR4zwI9lUVX-tqf8JXQ&
grant_type=refresh_token

As pointed in Google OAuth 2.0 documentation.

I just tried it out using curl and it works as expected:

curl -d client_id=$CLIENT_ID -d client_secret=$CLIENT_SECRET -d refresh_token=$REFRESH_TOKEN -d grant_type=refresh_token https://accounts.google.com/o/oauth2/token

{"access_token":"$ACCESS_TOKEN","token_type":"Bearer","expires_in":3600}
proppy
  • 10,495
  • 5
  • 37
  • 66
1

I do this in .NET by using the Google.GData.Client. Once I've gone though the authorization process and save the tokens, the next time my user comes to the site I pull the authorization by generating a GOAuthRequestFactory object.

public GOAuthRequestFactory GetGoogleOAuthFactory(int id)
    {
        // build the base parameters
        OAuthParameters parameters = new OAuthParameters
        {
            ConsumerKey = kConsumerKey,
            ConsumerSecret = kConsumerSecret
        };

        // check to see if we have saved tokens and set
        var tokens = (from a in context.GO_GoogleAuthorizeTokens where a.id = id select a);
        if (tokens.Count() > 0)
        {
            GO_GoogleAuthorizeToken token = tokens.First();
            parameters.Token = token.Token;
            parameters.TokenSecret = token.TokenSecret;
        }

        // now build the factory
        return new GOAuthRequestFactory("somevalue", kApplicationName, parameters);
    }

Once I have the request factory, I can call one of the various api's that I have permission to use and do something like this:

// authenticate to the google calendar
CalendarService service = new CalendarService(kApplicationName);
service.RequestFactory = GetGoogleOAuthFactory([user id]);

// add from google doc record
EventEntry entry = new EventEntry();
entry.Title.Text = goEvent.Title;
entry.Content.Content = GoogleCalendarEventDescription(goEvent);

When eventTime = new When(goEvent.StartTime, goEvent.EndTime.HasValue ? goEvent.EndTime.Value : DateTime.MinValue, goEvent.AllDay);
entry.Times.Add(eventTime);

// add the location
Where eventLocation = new Where();
eventLocation.ValueString = String.Format("{0}, {1}, {2} {3}", goEvent.Address, goEvent.City, goEvent.State, goEvent.Zip);
entry.Locations.Add(eventLocation);

Uri postUri = new Uri(kCalendarURL);

// set the request and receive the response
EventEntry insertedEntry = service.Insert(postUri, entry);
uadrive
  • 1,249
  • 14
  • 23
  • do you have a solution with this posted anywhere? – Micah Dec 06 '11 at 21:23
  • 1
    I don't have a solution up, but I did post in another thread with the details of connecting to Google's Oauth if that helps you. http://stackoverflow.com/a/7854919/947898 – uadrive Dec 06 '11 at 22:13