In my web application (FE: Angular, BE: Flask), I require the user to log in using Google and save the refresh token in my database.
After going through the Google docs, I understood that a refresh token can only be fetched in server-side apps. However, the code specified in the documentation doesn't seem to work. Reference: https://developers.google.com/identity/sign-in/web/server-side-flow
I get an error in step 7, https://developers.google.com/identity/sign-in/web/server-side-flow#step_7_exchange_the_authorization_code_for_an_access_token
```python
from apiclient import discovery
from flask import abort, request  # needed for request.headers and abort() below
import httplib2
from oauth2client import client

# (Receive auth_code by HTTPS POST)

# If this request does not have `X-Requested-With` header, this could be a CSRF
if not request.headers.get('X-Requested-With'):
    abort(403)

# Set path to the Web application client_secret_*.json file you downloaded from the
# Google API Console: https://console.developers.google.com/apis/credentials
CLIENT_SECRET_FILE = '/path/to/client_secret.json'

# Exchange auth code for access token, refresh token, and ID token
credentials = client.credentials_from_clientsecrets_and_code(
    CLIENT_SECRET_FILE,
    ['https://www.googleapis.com/auth/drive.appdata', 'profile', 'email'],
    auth_code)

# Call Google API
http_auth = credentials.authorize(httplib2.Http())
drive_service = discovery.build('drive', 'v3', http=http_auth)
appfolder = drive_service.files().get(fileId='appfolder').execute()

# Get profile info from ID token
userid = credentials.id_token['sub']
email = credentials.id_token['email']
```
I found a solution, with a slight modification to the following response, https://stackoverflow.com/a/50616780/11997783
Change the signIn function from
to
With grantOfflineAccess() we will be able to get the Authorization Code.
Additional reference: https://developers.google.com/identity/sign-in/web/reference#gapiauth2clientconfig
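The server side of this exchange, as an added example that is not part of the original post or Google's documentation: it keeps the `X-Requested-With` check from the snippet in the question, exchanges the code from `grantOfflineAccess()` at the token endpoint, and handles a reply that carries no refresh token. The names `exchange_auth_code`, `post_form`, `AuthCodeError` and the injectable `transport` parameter are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://oauth2.googleapis.com/token"  # Google's OAuth 2.0 token endpoint


class AuthCodeError(Exception):
    """Raised when the request or the token response must be rejected."""


def post_form(url, fields):
    """Default transport: POST form fields and return the decoded JSON reply."""
    data = urllib.parse.urlencode(fields).encode()
    try:
        with urllib.request.urlopen(urllib.request.Request(url, data=data), timeout=10) as resp:
            return json.load(resp)
    except urllib.error.HTTPError as err:
        return json.load(err)  # error replies are JSON too, e.g. {"error": "invalid_grant"}


def exchange_auth_code(headers, auth_code, client_id, client_secret, transport=post_form):
    """Exchange a code from grantOfflineAccess() and return the token fields."""
    # Same CSRF guard as the documentation snippet; with Flask pass request.headers
    # (case-insensitive). A plain dict must use this exact key.
    if not headers.get("X-Requested-With"):
        raise AuthCodeError("missing X-Requested-With header")
    if not auth_code:
        raise AuthCodeError("empty authorization code")
    tokens = transport(TOKEN_URL, {
        "code": auth_code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": "postmessage",  # value used for codes issued to the JS client
        "grant_type": "authorization_code",
    })
    if "error" in tokens or "access_token" not in tokens:
        raise AuthCodeError("token endpoint error: %s" % tokens.get("error", "no access_token"))
    # Google returns refresh_token only on the first offline consent for a user,
    # so a None here must not overwrite a token already stored in the database.
    return {"access_token": tokens["access_token"],
            "refresh_token": tokens.get("refresh_token"),
            "expires_in": tokens.get("expires_in")}
```

Treat the returned refresh token as a long-lived credential: store it encrypted at rest and keep it out of logs and client responses.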