5

I am able to authenticate and perform actions on google drive using credential I got after authentication but this token is there for long long time. it says expires-in : 3600 so it should expire in 1hour but when I tried it after a month it uses that token and it worked.

My requirement is after authentication and whatever task is being performed get complete, it should again ask for authentication to user if user initiate the program again. so basically I don't want token to be stored in client's system. Expires-in is not working for me as token get refreshed and is not asking again for Authentication.

below is my code which I am using :

credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
                   new ClientSecrets
                   {
                       ClientId = "<myid>.apps.googleusercontent.com",
                       ClientSecret = "<Mysecret>"
                   },
                   new[] { DriveService.Scope.Drive },
                   "user",
                   CancellationToken.None).Result;

                // Create the service using the client credentials.
                DriveService service = new DriveService(new BaseClientService.Initializer()
                     {
                         HttpClientInitializer = credential,
                         ApplicationName = "sampleapp"
                     });
*****some task performed*********

now after this "some task" I want token to be destroy.

Please help.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
user2376920
  • 242
  • 1
  • 7
  • 19

2 Answers2

8

From release 1.8.2 (http://google-api-dotnet-client.blogspot.com/2014/05/announcing-release-of-182.html) which was just released earlier today, we support token revocation. It revokes the token and also deletes it form the data store.

All you have to do is the following:

await credential.RevokeTokenAsync(CancellationToken.None);

As simple as that.

UPDATE: Read more about token revocation in the Google APIs client library for .NET in this blogpost: http://peleyal.blogspot.com/2014/06/182-is-here.html

peleyal
  • 3,472
  • 1
  • 14
  • 25
  • after updating nuget package using `Install-Package Google.Apis.Auth` my code is not launching browser to authenticate user. whats wrong? it started to give exception at `GoogleWebAuthorizationBroker.AuthorizeAsync()` method. – user2376920 May 27 '14 at 06:25
  • What is the exact scenario? What is the exception? Do you have an old data in datastore (maybe an access token that you revoke manually?) – peleyal May 27 '14 at 13:20
  • You can also start with a new user-id (change 'user' to 'new-user' for now and check if it works). Take a look in the existing BooksSample - https://code.google.com/p/google-api-dotnet-client/source/browse/Books.ListMyLibrary/Program.cs?repo=samples#82 for a working sample – peleyal May 27 '14 at 14:04
  • is it going to ask for authentication again if user change? why I am asking this question because I can change it dynamically and this will be a value add if user is same I don't want to reauthenticate but if user is different then it must authenticate. – user2376920 May 27 '14 at 15:15
  • This is the exception I am getting `{"Method not found: 'Void Google.Apis.Util.Store.FileDataStore..ctor(System.String, Boolean)'."}` – user2376920 May 27 '14 at 16:10
  • ok.. so exception gone after I reinstall install-package google.apis -pre. Iam able to delete token and it is asking me again to authenticate. – user2376920 May 27 '14 at 17:06
0

The reason that you user is not getting asked again is because you are passing a refresh token, you just didn't know it.

Normal when I do this I use the following code:

credential = GoogleWebAuthorizationBroker.AuthorizeAsync(
                   new ClientSecrets
                   {
                       ClientId = "<myid>.apps.googleusercontent.com",
                       ClientSecret = "<Mysecret>"
                   },
                   new[] { DriveService.Scope.Drive },
                   "user",
                   CancellationToken.None,
                   FileDataStore("Drive.Auth.Store")).Result;

What happens then is a file with my refresh token is stored in the user %AppData% directory with the name Drive.auth.store. 

{
   "access_token":"ya29.IgA23NyW3rF0xxoAAACFPgYzOm9Bm1Vixr-ti9crN5LvEr0W_gjtUQWOCy9QHw",
   "token_type":"Bearer",
   "expires_in":3600,
   "refresh_token":"1/OGUwUcl92Abo-7LAsuC0tsp_FWxhOW_freUyKncNalI",
   "Issued":"2014-05-26T20:34:07.447+02:00"
}

Now your code is slightly diffrent you arent sending FileDataStore("Drive.Auth.Store"). I hadn't tried not sending it before so I had to test this. It appears that by default GoogleWebAuthorizationBroker.AuthorizeAsync stores the refresh token for you just like it would if you used FileDataStore. The name appears to be a default Tasks.Auth.Store.

So what is happening is that every time your user runs your application the Client lib is auto loading that file for you.

How to fix it:

The ugly way would be to randomly change "User" (timestamp or something), if that is different then it will automatically prompt for authentication again. You will need to check the file in %appdata% i have no idea if its going to create a new one every time they run your application or if its just going to over wright the old one. Its probably not a good idea to keep creating crap files on the users PC.

The nice way. Create your own implementation of Idatastore that just doesn't save it. You can find a very basic example of that Google Oauth C# at the bottom called stored refresh token Just don't store it anyplace.

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449