4

I am currently using django-social-auth to manage oauth2 registration with google-oauth2 for access to Google Drive. I have added offline access to my extra_arguments. Therefore Google returns a refresh token and it is stored by django-social-auth. The problem is that django-social-auth never uses this refresh token to update the access token. Therefore the access token expires after one hour, and I can't use it to perform offline requests. I want to keep the access_token valid 24/7 so I can keep my database synced with each users Google Drive.

GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {'access_type':'offline'}
GOOGLE_OAUTH_EXTRA_SCOPE = ['https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/userinfo.profile']

SOCIAL_AUTH_USER_MODEL = 'accounts.GoogleDriveUser'
SOCIAL_AUTH_EXTRA_DATA = True
SOCIAL_AUTH_SESSION_EXPIRATION = False

Is there a way to force django-social auth to update the access_token every time it expires using the refresh_token. I would love to see an example of how this problem could be solved.

Max Ferguson
  • 676
  • 1
  • 7
  • 25

2 Answers2

8

It looks like UserSocialAuth objects now have a .refresh_token() method, which allows you to use .tokens and get the updated token.

mrooney
  • 1,994
  • 2
  • 19
  • 30
  • Sorry, is this mean that this `.refresh_token` will be called automatically when `access token` will expire? Or I need manually somehow know that token expired? – Ivan Borshchov Sep 08 '16 at 21:48
  • @user3479125 I believe it should refresh automatically, however this also allows you to catch such exceptions and refresh yourself if it doesn't in certain edge cases :) – mrooney Sep 13 '16 at 20:10
1

There's no way directly implemented in django-social-auth at the moment (I've raised a ticket to track it https://github.com/omab/django-social-auth/issues/492), meanwhile this snippet will do the work, it just need to be improved a little to suite your needs.

omab
  • 3,721
  • 19
  • 23