Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Google OAuth, refreshing access token (grant type)

byMR
September 19, 2023

I’m trying to refresh a token obtained by Google OAuth consent screen and finding documentation for this is nearly impossible…

When i make the request below, i get as a response

Status Code: 400 - Bad Request
Error: "unsopported_grant_type"

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

Need help figuring this out.

const URL = 'https://accounts.google.com/o/oauth2/token';

const headers = {
  'Content-Type': 'application/x-www-form-urlencoded',
};

const payload = {
  client_id: process.env.GOOGLE_AUTH_CLIENT_ID,
  client_secret: process.env.GOOGLE_AUTH_CLIENT_ID,
  refresh_token: process.env.REFRESH_TOKEN,
  grant_type: 'refresh_token',
};

console.log('payload', payload);

const res = await fetch(URL, { method: 'post', headers, payload });
console.log('res', res);
const data = await res.text();
console.log('data', data);

>Solution :

In your showing script, how about the following modification?

In your script, at client_secret: process.env.GOOGLE_AUTH_CLIENT_ID,, GOOGLE_AUTH_CLIENT_ID (client ID?) is used as the client secret. Please be careful about this.

Modified script:

const URL = 'https://accounts.google.com/o/oauth2/token';
const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
const payload = {
  client_id: process.env.GOOGLE_AUTH_CLIENT_ID,
  client_secret: process.env.GOOGLE_AUTH_CLIENT_SECRET, // Modified
  refresh_token: process.env.REFRESH_TOKEN,
  grant_type: 'refresh_token',
};
console.log('payload', payload);
const res = await fetch(URL, { method: 'POST', headers, body: new URLSearchParams(payload) }); // Modified
console.log('res', res);
const data = await res.text();
console.log('data', data);

  • When I tested this modified script using my values, I confirmed that the access token can be obtained.

  • In this modification, process.env.GOOGLE_AUTH_CLIENT_SECRET is used for retrieving the client secret. Please modify GOOGLE_AUTH_CLIENT_SECRET to your actual situation.

  • And, it is required to send the values of client ID, client secret, refresh token and grant type as the form data.

Note:

  • In this modification, it supposes that your client ID, client secret, and refresh token are valid values for retrieving your access token. Please be careful about this.

Reference:

byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading