How to get google OIDC access token and refresh token?

0
votes

I want to use google as an id provider for OIDC protocol. I have a simple app. it starts, correctly redirects to google and then back to the app, prints user details and stores them in session. however, this authentication seems to come from id token and it has the only 1h of expiration time

my yml:

spring.security.oauth2.client.registration.google:
            client-id: xxxxxxxxx
            client-secret: xxxxxxxxx

my application:

@SpringBootApplication
class DemoApplication

fun main(args: Array<String>) {
    runApplication<DemoApplication>(*args)
}

@RestController
class MyController {

    @GetMapping("/sample")
    fun sample(auth : Authentication) = auth.toString()
}

now I would like to get the access token and refresh token. how can I do it? I don't even have the id token as a string.

What is the URL to get both tokens?

Any examples with curl or simple web application?

2
javaspringoauth-2.0google-oauthopenid-connect

2 Answers

0
votes

which type of spring security are you implementing in your application like with JWT or basic auth? both have different custom ways in spring to implement google single sign on feature..

0
votes

you get the tokens you ask for, ask for the offline_access scope to get the refresh token and ask for a scope or two that represents the resource that you want to access, to get the access token.