
I need to implement authentication with Google OAuth2. I've installed nuxt/auth-next and created a configuration for authentication like this.

  // nuxt.config.js (fragment)
  auth: {
    strategies: {
      google: {
        scope: ['profile', 'email'],
        endpoints: {
          // backend endpoint that returns the user profile
          userInfo: `${process.env.API_URL}/user`
        },
        codeChallengeMethod: '',
        token: {
          // which field of the token response holds the token
          property: 'id_token'
        },
        refreshToken: {
          // which field of the token response holds the refresh token
          property: 'refresh_token'
        },
        prompt: 'consent',
        access_type: 'offline',
        responseType: 'id_token token',
        clientId: process.env.GOOGLE_CLIENT_ID
      }
    }
  }

The login part works, but the refresh_token is never added to local storage (auth._refresh_token.google = false).

I found only one thing: the refresh token is given only at the first authorization ... but not for me (Not receiving Google OAuth refresh token). I have used https://myaccount.google.com/permissions to revoke the permission for my application.

Has anyone faced the same problem? Any solution?

Maybe the refresh_token property is not right, but I didn't find any documentation about it.

Thanks for your help


1 Answer


Depending upon the programming language, Google will only return a refresh token the first time the user grants your application consent. I have most often seen this with the JavaScript frameworks.

I asked the team about it once and the response I got was: Google assumes that developers have stored the refresh token.

However, with languages like C#, PHP, Python, Java and Ruby, a new refresh token is returned every time the user consents, which is due to the fact that the app may be run from more than one place, I guess.

You can try adding prompt=force; it should prompt the user for consent again. It may return a new refresh token.

Linda Lawton - DaImTo
  • Thanks for your answer. prompt=force does not work :( – Etienne Passot Jun 24 '22 at 10:01
    I think we need to know more about how you are calling and what your architecture is, but you should *never* be getting or using a refresh token from the client. For refresh tokens, you should be getting a code on the client, handing that to your server to obtain the refresh token. – Blunt Jackson Jun 24 '22 at 11:31
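Following the approach in the last comment, here is an added example (not code from the question, nuxt/auth-next or Google's libraries) of the server side of the authorization-code flow: the browser only receives a code, the server exchanges it and keeps the refresh token, and only short-lived tokens go back to the client. It assumes an in-memory Map as the token store and constructed sample token responses; the endpoint URLs and parameter names are Google's standard ones.

```javascript
// Added example: server-side handling of Google's authorization-code flow so the
// refresh token never reaches the browser. Endpoint URLs are Google's documented ones;
// the store and the token responses below are constructed samples, not real data.
const GOOGLE_AUTH_URL = 'https://accounts.google.com/o/oauth2/v2/auth';
const GOOGLE_TOKEN_URL = 'https://oauth2.googleapis.com/token';

// URL the user is redirected to. response_type=code (not the implicit 'id_token token'),
// access_type=offline and prompt=consent together ask Google to issue a refresh token.
function buildAuthorizeUrl({ clientId, redirectUri, state, scope = ['openid', 'profile', 'email'] }) {
  const params = new URLSearchParams({
    client_id: clientId,
    redirect_uri: redirectUri,
    response_type: 'code',
    scope: scope.join(' '),
    access_type: 'offline',
    prompt: 'consent',
    state, // anti-CSRF value the server must verify on the callback
  });
  return `${GOOGLE_AUTH_URL}?${params}`;
}

// Form body the server POSTs to GOOGLE_TOKEN_URL; the client secret stays on the server.
function buildCodeExchangeBody({ code, clientId, clientSecret, redirectUri }) {
  return new URLSearchParams({
    grant_type: 'authorization_code',
    code,
    client_id: clientId,
    client_secret: clientSecret,
    redirect_uri: redirectUri,
  }).toString();
}

// Persist the refresh token server-side, keyed by the Google subject id (hypothetical
// in-memory Map; use a database in practice). When Google omits refresh_token on a repeat
// consent, the previously stored one is kept, and the browser never receives it.
function storeTokens(store, sub, tokenResponse) {
  if (tokenResponse.refresh_token) store.set(sub, tokenResponse.refresh_token);
  return {
    access_token: tokenResponse.access_token,
    id_token: tokenResponse.id_token,
    expires_in: tokenResponse.expires_in,
    hasRefreshToken: store.has(sub),
  };
}

// Constructed sample responses: the first consent carries refresh_token, a later one does not.
const firstConsent = { access_token: 'ya29.sample-1', id_token: 'eyJ.sample-1', expires_in: 3599, refresh_token: '1//sample-refresh' };
const repeatConsent = { access_token: 'ya29.sample-2', id_token: 'eyJ.sample-2', expires_in: 3599 };
```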