I'm using Google Sign-In. A user comes to my site and logs in with gapi.auth2.getAuthInstance().signIn()
, or they are already logged in and when the page loads (or reloads) we fetch the status. At this point I have an identity token good for an hour that I can validate on the server.
When a user leaves the browser sitting (say, overnight), this token expires. gapi.auth2.getAuthInstance().isSignedIn.get()
returns true, but the token does not validate.
How can I log in a user and keep them logged in while their session is active (ie, browser hasn't been closed)? Or refresh the token? Anything more graceful than reloading the page...
Edit: The refresh token is not a correct answer; I don't want offline access (and don't want to ask for the permission). Google obviously thinks the user is still signed into my application; the user can reload the page and get a new token without providing credentials again. Surely there is some mechanism more graceful than a hidden iframe to get an updated token?
You can refresh an Identity Platform ID token by issuing an HTTP POST request to the securetoken.googleapis.com endpoint. The refresh token's grant type, always "refresh_token".
You can refresh access and ID tokens using the /token endpoint with the grant_type set to refresh_token . Before calling this endpoint, obtain the refresh token from the SDK and ensure that you have included offline_access as a scope in the SDK configurations.
An OAuth Refresh Token is a string that the OAuth client can use to get a new access token without the user's interaction. A refresh token must not allow the client to gain any access beyond the scope of the original grant.
If the token is expired, you can call gapi.auth2.getAuthInstance().currentUser.get().reloadAuthResponse()
. It returns a Promise.
I've raised an issue with Google over this because it's simply ridiculous they haven't documented this properly.
My comment here advises how I've accomplished refresh using the above.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With