edjiang
commented
8 years ago Yeah, if you request scopes with offline, they always just show "requests offline access" and gives you the ability to refresh the access token.
Open robertjd opened 8 years ago
edjiang
commented
8 years ago Yeah, if you request scopes with offline, they always just show "requests offline access" and gives you the ability to refresh the access token.
This might be a problem. Today, when using our express-angular sample application, the Google log-in dialog was blatantly asking me for "Offline Access", and not outlining the scopes it wanted.
However, as with most google login issues, I only saw it two or three times (revoking the app access in-between each attempt). I can no longer reproduce.
Has anyone else seen this issue?
This makes me concerned that GoogleUser.grantOfflineAccess() is the wrong API to be using, because we definitely do not want offline access as our default scope request. By default we should only ask for email.