google / oauth2l

oauth2l ("oauth tool") is a simple CLI for interacting with Google API authentication.
Apache License 2.0
650 stars 81 forks source link

Same access_token after refresh #154

Open vvscode opened 1 year ago

vvscode commented 1 year ago

Hey. Is it expected to have the same access token on calling fetch with --refresh?

Just based on the naming I would expect to have different tokens in output, but I do have the same

Screenshot 2023-08-31 at 10 44 49

P.S. the original problem I'm trying to solve is to understand why google API gives me invalid_token while oauth2l info says that token is ok

andyrzhao commented 1 year ago

Hi there, from the top of my head:

  1. The refresh parameter is used to refresh expired access tokens (using a valid refresh_token, and skips the user consent screen), so it's possible that the token has not expired, and refreshing was skipped. You can try deleting the cache to force a new token to be fetched.
  2. If you get "invalid_token" from google backend, it could be due to using the incorrect scope (normally, you will need cloud-platform as the scope, see ReadMe.) There could also be a formatting error, I wouldn't know until you provide more details. Hope that helps!