anthonyjgrove / react-google-login

A React Google Login Component
https://anthonyjgrove.github.io/react-google-login
MIT License

Question: Is it possible to get both accessToken and authorization code with only one user sign-in? #367

Open JoeVanGundy opened 4 years ago

JoeVanGundy commented 4 years ago

Google has grantOfflineAccess which returns the authorization code. However, if I make this call on my own, it prompts the user to sign in again.

Is it/would it be possible to allow both "id_token" and "code" as responseTypes?

ahmad-punch commented 4 years ago

Any update here guys??

ShehabSN commented 4 years ago

Same question here. I plan on making additional API calls, so I need the authorization code to exchange for tokens, but I also need the id_token since I'm using Firebase and it's needed to sign in with the ID token as a credential. From the docs it seems it's not possible to get both at the same time...

flandrade commented 3 years ago

@JoeVanGundy It's not possible, but you can use your one-time authorization code to get the accessToken. You can get more details of this workflow here:

To use Google services on behalf of a user when the user is offline, you must use a hybrid server-side flow where a user authorizes your app on the client side using the JavaScript API client and you send a special one-time authorization code to your server. Your server exchanges this one-time-use code to acquire its own access and refresh tokens from Google for the server to be able to make its own API calls

Here is a quick code snippet for Node.js:

const {OAuth2Client} = require('google-auth-library');

// Exchange the one-time authorization code for the server's own tokens.
async function getCredentials(code, scope) {
  // create an oAuth client to authorize the API call
  const oAuth2Client = new OAuth2Client(
    YOUR_CLIENT_ID,
    YOUR_CLIENT_SECRET,
    YOUR_REDIRECT_URL
  );

  // Generate the url that will be used for the consent dialog.
  const authorizeUrl = oAuth2Client.generateAuthUrl({
    access_type: 'offline',
    scope
  });

  // Exchange the authorization code for tokens; getToken() resolves to { tokens, res }.
  const { tokens } = await oAuth2Client.getToken(code);
  const { refresh_token, access_token } = tokens;

  // ...
}

I hope this helps!
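An added example, not part of the original comment or of react-google-login: when the sign-in requested the `openid` scope, the token response from the code exchange also carries an `id_token`, so one authorization code can yield both a verified identity and API tokens on the server. The sketch below checks that ID token (pinned RS256 signature, issuer, audience, expiry) before trusting it. Assumptions: `exchange` is a hypothetical stand-in for `oAuth2Client.getToken(code)`, the key map would be filled from Google's published signing certificates, and the key pair and claims are constructed sample data.

```javascript
const crypto = require('crypto');

const GOOGLE_ISSUERS = ['accounts.google.com', 'https://accounts.google.com'];
const decodePart = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Verify an RS256 ID token against a Map of kid -> public key; returns the claims or throws.
function verifyIdToken(idToken, keysByKid, clientId, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(idToken).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, payload, signature] = parts;
  const { alg, kid } = decodePart(header);
  // Pin the algorithm instead of trusting the header ("none" and HS256 are rejected here).
  if (alg !== 'RS256') throw new Error('unexpected alg');
  const key = keysByKid.get(kid);
  if (!key) throw new Error('unknown kid');
  const signed = Buffer.from(`${header}.${payload}`);
  if (!crypto.verify('RSA-SHA256', signed, key, Buffer.from(signature, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = decodePart(payload);
  if (!GOOGLE_ISSUERS.includes(claims.iss)) throw new Error('wrong issuer');
  if (claims.aud !== clientId) throw new Error('wrong audience'); // minted for another app
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  return claims;
}

// One code in, verified identity plus API tokens out. `exchange` is a hypothetical
// stand-in for oAuth2Client.getToken(code), injected so the example runs offline.
async function signInWithCode(code, exchange, keysByKid, clientId, nowSec) {
  const { tokens } = await exchange(code);
  const claims = verifyIdToken(tokens.id_token, keysByKid, clientId, nowSec);
  return {
    userId: claims.sub,
    accessToken: tokens.access_token,
    refreshToken: tokens.refresh_token,
  };
}

// Constructed sample data: a local key pair plays the role of Google's signing key.
const sampleKeys = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const encodePart = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
function mintSampleIdToken(claims) {
  const body = `${encodePart({ alg: 'RS256', kid: 'sample-kid' })}.${encodePart(claims)}`;
  const sig = crypto.sign('RSA-SHA256', Buffer.from(body), sampleKeys.privateKey);
  return `${body}.${sig.toString('base64url')}`;
}
```

In a real server, google-auth-library's `OAuth2Client.verifyIdToken({ idToken, audience })` performs these checks against Google's published keys; the hand-written verifier is here to show what is being checked.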