Handle Google refresh token

[haacked]

My OAuth token used to access the People API expires after some time. I then have to log out and log back in to get a new one. I should be handling the refresh token to get a new token automatically so I don't have to log out and log back in.

[haacked]

I think the approach I should take is to add middleware that checks if the access token is expired (not sure yet how to do that) and if it is, go through the refresh token flow. That middleware has to issue new cookies and save the refresh token associated with the user.

Unfortunately, it’s been hard to find docs that show how to do this with the Google client library. You would think someone has a solution for this already.

[haacked]

Actually, I don't think middleware is the right approach. I wish there was more guidance on this. 😆

According to https://stackoverflow.com/a/52176000/598, the way to do this is to do it in the OnValidatePrincipal event of CookieAuthenticationEvents. I should check to see if the current credentials are expired, and if so, use the refresh token to retrieve new tokens.

As much as possible, I'd like to use the Google API .NET Client (https://developers.google.com/api-client-library/dotnet) to make these requests rather than using raw HTTP Client.