0

I am using Firebase Auth in my app to authenticate user using Google as the Identity Provider. Instead of just authentication, I also add an optional scope so that a user can authorize my app to access his Google Drive as well in one single step during the sign in process. In return, I can use Firebase SDK to retrieve the OAuth Access Token from Google which I can use to access the user's Google drive with no problem.

Question: Since access token is short-lived, how can I obtain the Google (NOT Firebase) refresh token so that I can renew the access token in case it expires? This token will be stored in the backend so that we can process some background updates even when the user is not actively using the app. I believe Firebase should have hold this refresh token somewhere so that it can refresh for me. I just need to get a hold of that so that I can do renew the access token using my own code. But I am not sure where is that located.

Cupid Chan
  • 496
  • 4
  • 15
  • That's not supported natively atm. Firebase won't refresh the OAuth tokens from other providers. Try using [Google Identity Services](https://developers.google.com/identity/gsi/web) directly instead. Checkout the linked answers for more information. – Dharmaraj Oct 01 '22 at 14:16
  • The tokens are actually provided at each login using config: {signInSuccessWithAuthResult(authResult);} Then you can check the autResult and store to firestore. I store my 3rd party keys in a totally separate collection that has no read access from users. I use firestore functions to handle refresh tokens for auth 1.0 and auth 2.0. Not sure if this is the proper way but I am also in search of a better solution. – David Oct 13 '22 at 22:01
  • @David I am aware of the "refreshToken" using {signInSuccessWithAuthResult(authResult);} However, I believe that is for Firebase, NOT have the 3rdParty IDP. Do you see something different in your case? – Cupid Chan Oct 14 '22 at 13:10
  • When using Firebase Auth's drop in solution, I am able to get providers access and secret tokens, like twitter, then use them on firebase functions to call the twitter api. Firebase's auth/secret credentials only fire off if the user signed in with a google account. You can also use the link accounts feature which also returns the keys on successful link. – David Oct 14 '22 at 15:45

0 Answers0