can't get access token using refresh token

0
votes

I wrote desktop application on java, which have access to the Google drive. (it just uploads and downloads files).

At the moment access type is online. when I need to access files/folders to the drive, I redirect he browser to a Google URL and get access code:

String code = "code that was returned from brouser"
GoogleTokenResponse response = flow.newTokenRequest(code).setRedirectUri(REDIRECT_URI).execute();
GoogleCredential credential = new GoogleCredential().setFromTokenResponse(response);

everything works well! but I need to have that redirection only first time.

When I google, in the Google Drive API documentation I found that I can get refresh token via browser redirection and save it on DB for instance. (In the other word, I can use offline access).

And every time when I need to read data from google drive, I get access token using refresh token without redirection. is not it?

so I get refresh token like that:

https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=695230079990.apps.googleusercontent.com&scope=https://www.googleapis.com/auth/drive&response_type=code&redirect_uri=https://localhost

question 1
I get code, from the browser redirecting. it's refresh token, is not it? now, I need to get access token using that refresh token.

 $.ajax({
      type: "POST",
      url: 'https://accounts.google.com/o/oauth2/token',
      data: {
        client_id: "695230079990.apps.googleusercontent.com",
        client_secret: 'OWasYmp7YQ...4GJaPjP902R',
        refresh_toke: '4/hBr......................xwJCgQI',
        grant_type: 'refresh_token'
      },
      success: function(response) { 
        alert(response);
      }

    });

but I have error 400;

question 2) when I try to change redirect url I have that error: *

Invalid parameter value for redirect_uri: Non-public domains not allowed: https://sampl.ecom

so, must I create web applications Client ID , instead of installed application from google APIs console? Can't I change Redirect URI in installed application? I'm confused, I don't know, which should I use.

1
oauthoauth-2.0google-drive-apigoogle-drive-realtime-api

1 Answers

0
votes

1) when you try to have offline access, you get authorization code which may be redeemed for an access token and a refresh token.

For isntance:

https://accounts.google.com/o/oauth2/auth?access_type=offline
&approval_prompt=auto
&client_id=[your id]
&redirect_uri=[url]
&response_type=code
&scope=[access scopes]
&state=/profile

after you get authorization code, you cat get refresh token.

 static Credential exchangeCode(String authorizationCode)
      throws CodeExchangeException {
    try {
      GoogleAuthorizationCodeFlow flow = getFlow();
      GoogleTokenResponse response =
          flow.newTokenRequest(authorizationCode).setRedirectUri(REDIRECT_URI).execute();
      return flow.createAndStoreCredential(response, null);
    } catch (IOException e) {
      System.err.println("An error occurred: " + e);
      throw new CodeExchangeException(null);
    }
  }

See the section on Implementing Server-side Authorization tokens for more information.

and after you get refresh token , you must save it. see that sample for mor information.

2) If you don't have installed application, you should create web applications to change redirecting URL.