refresh_token is missing in Google OAuth2 .Net HttpPost request for access_token

1
votes

In my Google OAuth request using .Net HttpPost refresh_token value is missing.

Reference: https://developers.google.com/identity/protocols/oauth2/web-server#exchange-authorization-code enter image description here

My input HTTP post request -

...google oauth post request details..url - (https://accounts.google.com/o/oauth2/token)...
and the postData - (client_id=<client_id>&client_secret=<client_secret_key>&grant_type=authorization_code&redirect_uri=<redirect_url>&code=<authorization_code>&access_type=offline&prompt=consent&approval_prompt=force)

Note: I have a valid response with access_token. However, refresh_token object value with empty record.

Please help.

I already reviewed these links - Not receiving Google OAuth refresh token

1
google-apigoogle-oauthaccess-tokengoogle-api-dotnet-clientrefresh-token

1 Answers

1
votes

The call to exchange the authorization code for an access token and refresh token looks as follows.

HTTP POST https://accounts.google.com/o/oauth2/token
code=4/X9lG6uWd8-MMJPElWggHZRzyFKtp.QubAT_P-GEwePvB8fYmgkJzntDnaiAI&client_id={ClientId}&client_secret={ClientSecret}&redirect_uri={redirectURI}&grant_type=authorization_code

You dont use access_type , approval_prompt, prompt as part of the exchange for the authorization code those are included in the HTTP GET request that shows the consent screen.

Here you can add access_type, if you have created web credentials client on google developer console.

HTTP GET https://accounts.google.com/o/oauth2/auth?client_id={clientid}&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=https://www.googleapis.com/auth/analytics.readonly&response_type=code&access_type=offline

If your interested in seeing how the calls are built up this might help. Understanding Google OAuth 2.0 with curl