Update Google's access_token
1. User logged in via Google account.
2. I want to issue custom request to Google using access_token from user's identity.
3. It works fine some time after logging in, but later Google says, that access_token is expired.
4. I want to refresh access token by PUT https://myapp.api.oneall.com/identities/xxx/synchronize.json. It returns HTTP 400 and message "The provider did not accept the stored access_token, it is either invalid or expired. Please ask the user to re-login."
My question: what is wrong? How to update connection info (access_token actually) of Google identity or any other social network in roght way?
2. I want to issue custom request to Google using access_token from user's identity.
3. It works fine some time after logging in, but later Google says, that access_token is expired.
4. I want to refresh access token by PUT https://myapp.api.oneall.com/identities/xxx/synchronize.json. It returns HTTP 400 and message "The provider did not accept the stored access_token, it is either invalid or expired. Please ask the user to re-login."
My question: what is wrong? How to update connection info (access_token actually) of Google identity or any other social network in roght way?
Best Answer
-
Claude_SchlesserAdministratorOneAll Team
Hi Alexander,
The refresh_token is only provided on the first authorization from the user. Subsequent authorizations will not return the refresh_token again.
Could it be that you have removed the identity during your tests? This would then also have removed the refresh token and it would not be retrieved on subsequent logins.
What you can do for your tests is:
* Go to your Google account security settings: https://www.google.com/settings/u/1/security.
* Click the edit button next to "Authorizing applications and sites".
* Then click "Revoke Access" next to your app.
* The next request you make will return a refresh_token.
Regards,
This discussion has been closed.
Welcome!
Please sign in to your OneAll account to ask a new question or to contribute to the discussions.
Please click on the link below to connect to the forum with your OneAll account.
Information
Products & Services
Categories
- 2.2K All Categories
- 1.1K General
- 1.1K Questions
- 46 Suggestions
- 592 Implementation
- 10 Single Sign On
- 16 LoudVoice
- 658 Turnkey Plugins
- 42 Drupal
- 33 Joomla!
- 21 Magento
- 22 myBB
- 84 Opencart
- 125 phpBB
- 39 PrestaShop
- 31 Simple Machines Forum
- 9 Vanilla
- 17 vBulletin
- 8 WHMCS
- 221 WordPress
- 6 ZenCart
Answers
In the request to the synchronize endpoint, did you add try to include some POST data?
To set "update_user_data" to false and "force_token_update" to true, for example.
Regards.
yes, I tried any combination of true/false with update_user_data and force_token_update. Answer is the same.
could you please post the identity_token that you are using?
Regards,
The API response includes a refresh token. You can use this to refresh the access token.
The Oneall synchronize endpoint does this, and basic testing shows it currently working.
So, odd, but we'll be looking into it some more though.
Regards
Claude_Schlesser, my identity token is d513d59a-c6a7-455f-b454-adb5c7ae63bc. It was created yesterday and worked fine. Today it doesn't work.
GET request to https://truststamp.api.oneall.com/identities/d513d59a-c6a7-455f-b454-adb5c7ae63bc.json
gives 200 answer with:
... "access_token": { "key": "ya29.sAL9cZgrQQmdndfeNiJFtZODK-re-ukU9lUvYu5estJtVcslTBq2MpBxMRplYucaUm0", "date_expiration": "03/25/2016 15:44:47" } ...So, access_token is expired.
PUT request to https://truststamp.api.oneall.com/identities/d513d59a-c6a7-455f-b454-adb5c7ae63bc/synchronize.json with any combination of update_user_data and force_token_update gives me:
... "status": { "flag": "error", "code": 400, "info": "The provider did not accept the stored access_token, it is either invalid or expired. Please ask the user to re-login." } ...Fred_Pinel, which request gives me refresh token? I didn't found it.
The identity endpoint (the GET request to https://truststamp.api.oneall.com/identities/d513d59a-c6a7-455f-b454-adb5c7ae63bc.json) should return the refresh token, in addition to the access token (right after it actually).
Do you see it?
Regards
Currently, I have
https://truststamp.api.oneall.com/identities/494c0a17-f80d-49e1-87b2-ef7587f26230.json
GET request to this URL returns no refresh token near access_token or anywhere in the response:
"response": { "request": { "date": "Wed, 30 Mar 2016 10:35:09 +0200", "resource": "/identities/494c0a17-f80d-49e1-87b2-ef7587f26230.json", "status": { "flag": "success", "code": 200, "info": "Your request has been processed successfully" } }, "result": { "data": { "identity": { "user_token": "a02e6dfe-f3a5-40d1-b099-fd0bdd793d35", "identity_token": "494c0a17-f80d-49e1-87b2-ef7587f26230", "date_creation": "Wed, 30 Mar 2016 09:04:26 +0200", "date_last_update": "Wed, 30 Mar 2016 09:04:26 +0200", "provider": "google", "provider_identity_uid": "xxxxxxxxxxxxxxxxxxxxxxx", "source": { "name": "Google", "key": "google", "access_token": { "key": "ya29.tQKWxxxxxxxxxxxxxxxxxxxxxxx", "date_expiration": "03/30/2016 10:04:25" } }, ...Thanks a lot!
For our information, did you delete the identity of the user before?
Thanks.
are you have any update for this issue?