3

I see some questions about this with solutions that seem to be deprecated in the Google APIs Node.js Client OAuth API (e.g., this and this).

There's no documentation I can see regarding using the refresh token to get a new access token (docs section). In an issue from early 2017, someone mentions getting off the oauth2Client.credentials property, but it looks like that's within a call to one of the other APIs wrapped in the package.

In my use case, I'm querying the Google My Business (GMB) API, which is not wrapped in there, but I'm using the OAuth piece of this package to authenticate and get my tokens.

My request to the GMB API (using the request-promise module), looks something like this:

function getLocations () {
  return request({
    method: 'POST',
    uri: `${gmbApiRoot}/accounts/${acct}/locations:batchGet`,
    headers: {
      Authorization: `OAuth ${gmbAccessToken}`
    }
  })
  .then(function (response) {
    console.log(response);
  })
  .catch(function (err) {
    // ...
  });
}

I don't think I can pass the oauth2Client into the headers for authorization like in the issue response. Is there a way to directly request a new access_token given that I have my refresh token cached in my app?

Update: Solved! Thanks to Justin for the help. Here's what my working code is looking like:

oauth2Client.setCredentials({
  refresh_token: storedRefreshToken
});

return oauth2Client.refreshAccessToken()
.then(function (res) {
  if (!res.tokens && !res.credentials) {
    throw Error('No access token returned.');
  }

  const tokens = res.tokens || res.credentials;

  // Runs my project-level function to store the tokens.
  return setTokens(tokens);
});
alexbea
  • 1,311
  • 14
  • 25

2 Answers2

3

If you have an existing oauth2 client, all you need to do is call setCredentials:

oauth2client.setCredentials({
  refresh_token: 'REFRESH_TOKEN_YALL'
});

On the next call that goes through the client, it will automatically detect there is no access token, notice the refresh token, and go snag a new access token along with it's expiration date. I outlined some docs and code around this in the issue you opened up on GitHub :P

https://github.com/google/google-api-nodejs-client/pull/1160/files

Hope this helps!

Justin Beckwith
  • 7,686
  • 1
  • 33
  • 55
  • I'm not sure I understand. My only use of the client is to get the tokens, so I'm not sure what the next one would be. The only think I can think of is `getToken`, which requires a `code`. When initially granting authorization I get that `code` back from the redirect URL, but I don't have that here. – alexbea May 15 '18 at 21:21
  • Thanks for the docs update, by the way. I really appreciate it. – alexbea May 16 '18 at 13:15
  • 1
    All set! In the auth api repo README I saw a mention that I could call `oauth2Client.refreshAccessToken()` and the updated tokens were in the response. Thanks again for your help! – alexbea May 17 '18 at 15:21
1

I wanted to add in my learning, to the community, in case it helps anyone out there struggling with this too. The above answers were correct, but I discovered one other attribute.

Namely, I was calling my credentials like this:

oAuth2Client.setCredentials(JSON.parse(authResults));

my authResults, is defined as this:

const authResults = fs.readFileSync(TOKEN_PATH);

This results in several fields being filled in to the results variable:

[
  'access_token',
  'refresh_token',
  'scope',
  'token_type',
  'expiry_date'
]

Now here's the nuance...if the access_token AND the refresh_token are both given to the setCredentials call, the refresh-token is ignored. Changing to the above answer, where I send in only the refresh token:

oAuth2Client.setCredentials({ refresh_token: creds['refresh_token'] });

Worked like a champ! Hope this finds its way and helps someone else.

G-Force
  • 345
  • 3
  • 10