0

I created a prototype to ask the permission from User for accessing their Google Calendar by using ASP.NET WebForms.

Here is my code:

<%@ Page Language="C#" AutoEventWireup="true" CodeBehind="WebForm1.aspx.cs" Inherits="GoogleSignInDemo.WebForm1" %>

<!DOCTYPE html>

<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
    <meta name="google-signin-scope" content="profile email">
    <meta name="google-signin-client_id" content="CLIENT_ID.apps.googleusercontent.com">
    <script src="https://apis.google.com/js/platform.js" async defer></script>
    <script src="Resources/jquery.js" ></script>
</head>
<body>
    <div class="g-signin2" data-theme="dark" onclick="onSignInCalendar()"></div>
    <script>
        function onSignInCalendar() {
            var auth2 = gapi.auth2.getAuthInstance();
            var options = new gapi.auth2.SigninOptionsBuilder(
                { 'scope': 'email https://www.googleapis.com/auth/calendar' });

            googleUser = auth2.currentUser.get();
            googleUser.grant(options).then(
                function (success) {
                    console.log(JSON.stringify({ message: "success", value: success }));
                    var accessToken = success.Zi.access_token;
                    var idToken = success.Zi.id_token;
                },
                function (fail) {
                    alert(JSON.stringify({ message: "fail", value: fail }));
                });
        }
    </script>
</body>
</html>

It works fine. However, the response from google only contain access_token and id_token. I can't find refresh_token in there.

Any knows how to get it?

Yusril Maulidan Raji
  • 1,682
  • 1
  • 21
  • 46
  • Possible duplicate of [How to get refresh token while using Google API JS Client](https://stackoverflow.com/questions/24454137/how-to-get-refresh-token-while-using-google-api-js-client) – ADyson May 09 '18 at 16:13
  • As you're using client-side auth, this particular flow is not designed to make use of a refresh token. Why do you think you need one? – ADyson May 09 '18 at 16:13
  • @ADyson The main idea is to sync Google Calendar data from user to my app and they only need to give permission once in the beginning. The `access_token` that I get now has an expiration time. I can see that from the other property called `"expires_in": 3600`. Therefore, I assume I need a `refresh_token` in order to get a new `access_token` – Yusril Maulidan Raji May 11 '18 at 10:15
  • in the client side flow, as I understand it, you don't need to request this on the user's behalf - that's only in a scenario where you're making the request as a proxy (i.e. from a server-side app where the HTTP request to google is not made directly from the user's browser). To my knowledge and experience, if the access token has expired, but the user is still logged into their google account in the browser, it'll either just go and get a new token by itself, or the user will get a quick prompt screen to confirm they want to continue to be logged into the app. – ADyson May 11 '18 at 10:21
  • Exactly, however, the sync process itself will be done from server-side service. Only the access request that is done in client side. Therefore, I suppose `refresh_token` is needed beside the user's email. Any idea about this? – Yusril Maulidan Raji May 11 '18 at 10:27
  • Well you never mentioned that in the question...if you need to do something server-side afterwards then use the server-side OAuth flow provided and documented by Google. Then your token etc will be available on your server for you to use, not in the browser. And also make sure you request for offline access so that you can get a refresh token later. I think this flow is what you should be using: https://developers.google.com/identity/protocols/OAuth2WebServer . There is a .NET client library available to make it easier. – ADyson May 11 '18 at 10:29
  • @ADyson In here: https://developers.google.com/identity/sign-in/web/server-side-flow It says *Your server exchanges this one-time-use code to acquire its own access and refresh tokens from Google for the server to be able to make its own API calls, which can be done while the user is offline.* Therefore, I assume there should be a way to get `refresh_token`. However, I find it hard to find a good example on how to do that using .NET client library. What I fear is the .NET client library doesn't support it yet. – Yusril Maulidan Raji May 14 '18 at 14:40
  • https://developers.google.com/api-client-library/dotnet/guide/aaa_oauth#user-credentials says `UserCredential and AuthorizationCodeFlow take care of automatically "refreshing" the token, which simply means getting a new access token. This is done using a long-lived refresh token, which you receive along with the access token if you use the access_type=offline parameter during the authorization code flow.` . So I guess you don't need to worry about it too much, but it also does discuss how to persist the token if need be. Does that help? – ADyson May 14 '18 at 14:52
  • There's also this: https://developers.google.com/api-client-library/dotnet/reference/1.10.0/classGoogle_1_1Apis_1_1Auth_1_1OAuth2_1_1UserCredential#ac0df5aa0d60bd0a0b42562b324e6f7c0 and this https://developers.google.com/api-client-library/dotnet/reference/1.10.0/classGoogle_1_1Apis_1_1Auth_1_1OAuth2_1_1Responses_1_1TokenResponse. All of the above were the result of a few moments' googling. – ADyson May 14 '18 at 14:54

0 Answers0