Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to refresh expired google sign-in logins?

Tags:

google-signin

google-identity

google-plus-signin

I'm using Google Sign-In. A user comes to my site and logs in with gapi.auth2.getAuthInstance().signIn(), or they are already logged in and when the page loads (or reloads) we fetch the status. At this point I have an identity token good for an hour that I can validate on the server.

When a user leaves the browser sitting (say, overnight), this token expires. gapi.auth2.getAuthInstance().isSignedIn.get() returns true, but the token does not validate.

How can I log in a user and keep them logged in while their session is active (ie, browser hasn't been closed)? Or refresh the token? Anything more graceful than reloading the page...

Edit: The refresh token is not a correct answer; I don't want offline access (and don't want to ask for the permission). Google obviously thinks the user is still signed into my application; the user can reload the page and get a new token without providing credentials again. Surely there is some mechanism more graceful than a hidden iframe to get an updated token?

like image 767
stickfigure Avatar asked Aug 21 '15 23:08

stickfigure

People also ask

How do I refresh Google ID token?

You can refresh an Identity Platform ID token by issuing an HTTP POST request to the securetoken.googleapis.com endpoint. The refresh token's grant type, always "refresh_token".

Can I refresh ID token?

You can refresh access and ID tokens using the /token endpoint with the grant_type set to refresh_token . Before calling this endpoint, obtain the refresh token from the SDK and ensure that you have included offline_access as a scope in the SDK configurations.

What is refresh token in oauth2?

An OAuth Refresh Token is a string that the OAuth client can use to get a new access token without the user's interaction. A refresh token must not allow the client to gain any access beyond the scope of the original grant.

2 Answers

If the token is expired, you can call gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse(). It returns a Promise.

like image 159
Jacek Kopecký Avatar answered Oct 09 '22 23:10

Jacek Kopecký

I've raised an issue with Google over this because it's simply ridiculous they haven't documented this properly.

My comment here advises how I've accomplished refresh using the above.

like image 34
Andrew Avatar answered Oct 09 '22 22:10

Andrew
Sign in to Comment

Related questions

How to get profile like gender from google signin in Android?
Use User-Defined build settings in custom .plist file
Duplicate symbols when integrating Firebase and Google Sign In SDKs manually without Cocoapods
Google sign in doesn't work after release of flutter app
Google Sign-In crashes on iOS 9 attempting to call canOpenURL
Undefined class 'AuthResult' in Flutter
Documentation for the automatic "Continue as" Google popup
"Browser or app may not be secure. Try using a different browser." error with Flutter Firebase Google Login
Firebase Overwrites Signin with Google Account
Android Google Sign In is flashing a small empty white box while signing in a user
Custom Google Sign-In button - iOS
Can I edit the text of sign in button on Google?
Is there another place to get a google-services.json?
idpiframe_initialization_failed in Google Sign In from Localhost
http:403 forbidden error when trying to load img src with google profile pic
Google SignIn API Exception 10
How to get access token after user is signed in from Gmail in Android?
How to implement SignIn with Google in Angular 2 using Typescript
Sign in with Google temporarily disabled for this app
Using google sign in button with react

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!