Closed apathyzen closed 1 year ago
@apathyzen From where do you get the refresh token URL? I checked the Google documentation and it is still the one provided from the template. See https://developers.google.com/identity/protocols/oauth2/web-server#exchange-authorization-code (switch to HTTP/REST to see the URL)
@rkaldung I've found https://accounts.google.com/o/oauth2/token in this article: https://csdcorp.com/blog/coding/oauth2-get-a-token-via-rest-google-sign-in/ We've found that it's valid by trial and error. :) Works with two test app credential entries in two different Google Cloud accounts. And there were some more broken OAuth2 entries in Znuny that we already deleted.
@apathyzen I set up a vanilla 6.4.5 test system with an OAuth2 configuration to fetch from a Google Workspace/GSuit account, using the template's URLs. Does it always require a week before failure, or does it sometimes happens earlier?
@rkaldung I didn't time how long exactly does it take to break. "A week" is more of a guess. What's your current Refresh token status? Does Refresh token for token config has expired or is not present show in otrs.log?
That's my (access) token status:
The refresh token is still valid and without an expiration date, not changed tha last 28 hrs.
@apathyzen I will close this issue and mark it with 'won't fix'. There are two reasons for this:
1.) The Google documentation clearly states that the URLs in our template are correct. 2.) I configured freshly installed Znuny 6.4.5 with the data of a newly created GMail App. Over 680 emails were fetched during the last five days with different schedules, including one where the access token expired. Renew of the token was done automatically, as expected.
We used a GSuite domain and mail account. If your setup differs, please let me know.
Environment
Expected behaviour
To add Gmail OAuth2 client ID and secret, then to authorize through Google's consent screen, then have no token expiration or/and refresh errors
Actual behaviour
Described here: https://community.znuny.org/viewtopic.php?f=62&t=43505
How to reproduce
Steps to reproduce the behavior:
Additional information
URL for token by refresh token provided by the template is: https://oauth2.googleapis.com/token URL for token by refresh token should be: https://accounts.google.com/o/oauth2/token
Screenshots