Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to handle refresh tokens in golang/oauth2 client lib

Tags:

go

oauth-2.0

There are few examples of using https://github.com/golang/oauth2 but none of them covers usage of refresh tokens. I've tried few approaches, but i'm still unsatisfied with my results.

Is there any example code, or maybe you know some project at Github using oauth2 lib to take as example?

like image 411
Andrew Avatar asked Feb 23 '15 22:02

Andrew

People also ask

How do I refresh my client token?

To use the refresh token, make a POST request to the service's token endpoint with grant_type=refresh_token , and include the refresh token as well as the client credentials if required.

How do I get a new refresh token OAuth2?

Because OAuth2 access expires after a limited time, an OAuth2 refresh token is used to automatically renew OAuth2 access. Click the tab for the programming language you're using, and follow the instructions to generate an OAuth2 refresh token and set up the configuration file for your client.

Does refresh token expire in OAuth2?

By default, access tokens are valid for 60 days and programmatic refresh tokens are valid for a year.

Which OAuth grant can support a refresh token?

The Refresh Token grant type is used by clients to exchange a refresh token for an access token when the access token has expired. This allows clients to continue to have a valid access token without further interaction with the user.

1 Answers

You need not bother about refreshing tokens until the time you are storing the Expiry parameter. After getting the 'Token' object, store the following in your database:

token.AccessToken, token.RefreshToken, token.TokenType and token.Expiry

while fetching, construct the token object again using the above parameters:

token := new(oauth2.Token) token.AccessToken = {{ From DataBase }} token.RefreshToken = {{ From DataBase }} token.Expiry = {{ From DataBase }} token.TokenType = {{ From DataBase }}

and then get your http client:

config.Client(ctx, token)

this will handle refreshing the token. Excerpt (more info: Golang oauth2 client):

Client returns an HTTP client using the provided token. The token will auto-refresh as necessary.

Only downside is, the refreshed access token is not returned. But it works! Google has no restrictions on how many times the refresh token is used.

like image 162
Devaroop Avatar answered Sep 20 '22 01:09

Devaroop
Sign in to Comment

Related questions

Why does mgo not return the ID of inserted document?
How can I prevent SQL injection attacks in Go while using "database/sql"?
How can a garbage collector find out about object references done from the stack?
expected declaration, found 'IDENT' item
GO language: fatal error: all goroutines are asleep - deadlock
Go IDE With GUI Design Support [closed]
Go language benchmarks?
How to access string as character value
What does the w flag mean when passed in via the ldflags option to the go command?
Marshalling json.RawMessage returns base64 encoded string
(un)marshalling json golang not working
How to get time.Tick to tick immediately
go install: no install location for directory outside GOPATH
How to use Delve debugger in Visual Studio Code
Golang Converting image.Image to []byte
In golang, what is the difference between & and *
Go interactive shell [duplicate]
C++ libraries that implement Go goroutines or Go channels? [closed]
How check if a property was set in a struct
Decreasing slice capacity

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!