Google OAuth, refreshing access token (grant type)

I’m trying to refresh a token obtained by Google OAuth consent screen and finding documentation for this is nearly impossible…

When i make the request below, i get as a response

Status Code: 400 - Bad Request
Error: "unsopported_grant_type"

Need help figuring this out.

const URL = 'https://accounts.google.com/o/oauth2/token';

const headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
};

const payload = {
  client_id: process.env.GOOGLE_AUTH_CLIENT_ID,
  client_secret: process.env.GOOGLE_AUTH_CLIENT_ID,
  refresh_token: process.env.REFRESH_TOKEN,
  grant_type: 'refresh_token',
};

console.log('payload', payload);

const res = await fetch(URL, { method: 'post', headers, payload });
console.log('res', res);
const data = await res.text();
console.log('data', data);

>Solution :

In your showing script, how about the following modification?

In your script, at client_secret: process.env.GOOGLE_AUTH_CLIENT_ID,, GOOGLE_AUTH_CLIENT_ID (client ID?) is used as the client secret. Please be careful about this.

Modified script:

const URL = 'https://accounts.google.com/o/oauth2/token';
const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
const payload = {
  client_id: process.env.GOOGLE_AUTH_CLIENT_ID,
  client_secret: process.env.GOOGLE_AUTH_CLIENT_SECRET, // Modified
  refresh_token: process.env.REFRESH_TOKEN,
  grant_type: 'refresh_token',
};
console.log('payload', payload);
const res = await fetch(URL, { method: 'POST', headers, body: new URLSearchParams(payload) }); // Modified
console.log('res', res);
const data = await res.text();
console.log('data', data);

  • When I tested this modified script using my values, I confirmed that the access token can be obtained.

  • In this modification, process.env.GOOGLE_AUTH_CLIENT_SECRET is used for retrieving the client secret. Please modify GOOGLE_AUTH_CLIENT_SECRET to your actual situation.

  • And, it is required to send the values of client ID, client secret, refresh token and grant type as the form data.

Note:

  • In this modification, it supposes that your client ID, client secret, and refresh token are valid values for retrieving your access token. Please be careful about this.

Reference:

Leave a Reply