Google API oauth2 token expires?

1
votes

I have a problem with google api and oauth2 token.

There is an app which allows to synchronize contacts / calendar with your google account by oauth2 token.

When first time user wants to connect with his google account, he needs to grant access , then app is receiving code/token which is saved and will be used for offline synchronization later.

function getClient($app) 
{       
    $client = new Google_Client();
    $client->setAuthConfig("path_to_secret.json");

    switch($app)
    {
        case 'contacts':
        $client->addScope(Google_Service_Script::WWW_GOOGLE_COM_M8_FEEDS);
        $client->addScope(Google_Service_People::USERINFO_EMAIL);
        break;

        case 'calendar':
        $client->addScope(Google_Service_Calendar::CALENDAR);
        break;

        default:
        throw new Exception('API Callback not defined in setup');
    }

    $client->setAccessType('offline'); // offline access
    $client->setIncludeGrantedScopes(true);   // incremental auth
    $client->setRedirectUri(GOOGLE_APP_URL . $app.'/callback.php');
    return $client;
}

(there are different tokens for contacts and calendar)

The synchronization script:

...
try
{
    $client = getClient('calendar');
    $client->setAccessToken(unserialize($accessToken));
    $http = $client->authorize();

    $service = new Google_Service_Calendar($client);

    ...
}

$accessToken is a serialized string like:

a:5:{s:12:"access_token";s:131:"******token_here********";s:10:"token_type";s:6:"Bearer";s:10:"expires_in";i:3598;s:8:"id_token";s:902:"***id_token****";s:7:"created";i:1505178047;}

This is working for first time and couple more times but after some time(hours) there is an error:

Error: {"error": { "errors": [ { "domain": "global", "reason": "authError", "message": "Invalid Credentials", "locationType": "header", "location": "Authorization" } ], "code": 401, "message": "Invalid Credentials" }}

What I am doing wrong?

What is interesting that for contacts synchronization works fine all the time (access token has the same attributes as in calendar synchronization )

1
phpoauth-2.0google-apigoogle-calendar-api
You probably need a refresh token - delboy1978uk
What version of Google API Client do you use? - Sergey Chizhik
It's version 2.0 - Pawel
I didn't get refresh token with access token..and in contacts synchronization I also don't have refresh token and it is working fine all the time.. Is it working different for Google Calendar ? - Pawel
If I'm not mistaken, Google API Client may have an internal mechanism which is automatically refreshing access_token, if it's needed. When you authorizing any user by code – you might have refresh_token, which allows you to get new access_token, when last is expired (just with access type == 'offline'). What changes did you make before you get this error? - Sergey Chizhik

1 Answers

3
votes

Ok, propably solved - refresh_token is provided for the first time only, so when I was testing it more times then I didn't get refresh token. When I revoked access in https://myaccount.google.com/u/0/permissions and connected again then I received also refresh token. I assume now it will work properly