refreshToken

[sdemoor]

Hi!
I am not able to access the refreshToken inside the 'new Strategy' callback function.
When logging in it does ask for offline access, and everything works, except for accessing the refreshtoken.

[damianobarbati]

I can't as well, did you solve this @sdemoor ?

[natanbr]

Did someone solved it?
@damianobarbati @sdemoor @mstade

[damianobarbati]

@natanbr yes, here what I'm currently doing:

const passportGoogle = require('passport-google-oauth').OAuth2Strategy;

const computeConnectedUser = strategy => (req, accessToken, refreshToken, profile, done) => done(false, { strategy, accessToken, refreshToken, ...profile });

const googleStrategy = new passportGoogle({
    clientID: googleConfig.clientID,
    clientSecret: googleConfig.clientSecret,
    callbackURL: googleConfig.callbackURL,
    profileFields: googleConfig.profileFields,
    passReqToCallback: true,
}, computeConnectedUser('google'));

passport.use(googleStrategy);

router.all(googleConfig.connectURL, passport.authenticate('google', { authType: 'rerequest', accessType: 'offline', prompt: 'consent', includeGrantedScopes: true, scope: googleConfig.scope }));

router.all(googleConfig.callbackURL, passport.authenticate('google', { failureRedirect: googleConfig.connectURL, session: false }), oauthed);

[natanbr]

Thanks a lot! @damianobarbati
The reason it didn't work for me is that I set the params in the strategy
I had to set them for the connection URL

This is the working code:

router.get('/:provider', // ConnectionURL
  (req, res, next)=> {
    passport.authenticate(`${req.params.provider}`, { authType: 'rerequest', accessType: 'offline', prompt: 'consent', includeGrantedScopes: true })(req, res, next);
  }
);

[Aditya94A]

@damianobarbati I'm not sure exactly what you're doing which is making it work for you...

My own implementation is pretty minimal and still my refreshToken is undefined :/

const GoogleStrategy = require('passport-google-oauth2').Strategy;

    passport.use(new GoogleStrategy({
            clientID: "whatever",
            clientSecret: "whatever",
            callbackURL: "http://localhost:3000/api/auth/google/callback",
            passReqToCallback: true
        },
        (request, accessToken, refreshToken, profile, done) => {
            process.nextTick(() => {
                console.log(refreshToken); //<-------undefined :(
                done(null, null, refreshToken);
            });
        }
    ));

//...the auth route:

    app.get("/api/auth/google/:id", (req, res, next) => {
        passport.authenticate("google", {
            session: false,
            state: req.params.id,
            scope: ["https://www.googleapis.com/auth/plus.login"]
        })(req, res, next);
    });

//...the callback

    app.get("/api/auth/google/callback", (req, res, next) => {
        passport.authenticate("google", (err, user, refreshToken) => {
            console.log(refreshToken);            //<------ still undefined 
        })(req, res, next);
    });

I'm not sure what I'm doing wrong, this is almost exactly how it is in the readme (only difference being that I'm handling redirection myself). I get the accessToken just fine but the refresh token is nowhere to be seen.

@natanbr What do you mean by "I set the params in the strategy"?
@damianobarbati What exactly did you change in your code which made it work?
@sdemoor Did you get it to work?

[damianobarbati]

@AdityaAnand1 double check the following => accessType: 'offline', prompt: 'consent'

[Aditya94A]

@damianobarbati Ahh, that did it! I didn't realize that was the extra options bits. Thank you! (I didn't see anything like this in the docs though 😕)

Here's my working connect route for future lost souls:

    app.get("/api/auth/google/:id", (req, res, next) => {
        passport.authenticate("google", {
            accessType: 'offline',
            prompt: 'consent',
            session: false,
            state: req.params.id,
            scope:
                ["https://www.googleapis.com/auth/plus.stream.write",]
        })(req, res, next);
    });

[mstade]

(I didn't see anything like this in the docs though 😕)

Yeah the docs really could use some work.

[metacritical]

I checked and it works without prompt: 'consent'

[nayefmhmd85]

Hi Friends,
How Can I get tokenId or Access token from response