Bug #7292


Refresh token and access type

Added by max p over 4 years ago. Updated over 4 years ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:



Class OAuthProcess (OAuthService.C) is lacking a possibility to set the access type: online or offline, which is required to get a refresh token together with an access token from google.

Adding the following code for offline access seems to be working (refresh token is returned from google):

Method authorizeUrl:

url << (hasQuery ? '&' : '?') << "access_type=offline" << ... and here goes the rest of the code

Method handleAuthComplete:

ss << "access_type=offline" << ... and here goes the rest of the code

Also there is invalid JSON name for refresh token:

Method parseJsonToken:

there should be 'refresh_token' instead of 'refreshToken':

std::string refreshToken = root.get("refresh_token").orIfNull("");

Is it possible to add a setter in OAuthProcess to select between access_type in offline and online?

Actions #1

Updated by max p over 4 years ago

I'm not sure if it is related, but sometimes during google authorization, the extra window with consent does not disappear and wt gives me following entries in the log:

[2019-Oct-22 18:09:50.657] "GET /google-oauth2callback?state=RXYyZlpjU1V5aEtaelpOQklsU3RTRnNMU2p3PXxodHRwczovL3BsYW5uZXI0bWUuY29tLz93dGQ9Q3VhSGtjNUhhSXdpelNndyZyZXF1ZXN0PXJlc291cmNlJnJlc291cmNlPW94cWNxdjkmcmFuZD0w&code=4%2FsQGkHTv4KrsO_2YCuYXesCmxeSuXbImlGSPvcq46B5IDRI4v_42egixfkoN7Oa_qiyOgt2FBqsIxnnfpVNraPu4& HTTP/1.1" 302 0

[2019-Oct-22 18:09:50.658] 2622 - [info] "WebRequest: took 0.784 ms"

[2019-Oct-22 18:09:50.671] 2622 - [info] "Wt: session created (#sessions = 3)"

[2019-Oct-22 18:09:50.672] 2622 [/ O97Tb8NoVXRyLOda] [info] "WEnvironment: UserAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/77.0.3865.90 Chrome/77.0.3865.90 Safari/537.36"

[2019-Oct-22 18:09:50.672] 2622 [/ O97Tb8NoVXRyLOda] [info] "Wt: not serving this." - - [2019-Oct-22 18:09:50.673] "GET /?wtd=CuaHkc5HaIwizSgw&request=resource&resource=oxqcqv9&rand=0&state=RXYyZlpjU1V5aEtaelpOQklsU3RTRnNMU2p3PXxodHRwczovL3BsYW5uZXI0bWUuY29tLz93dGQ9Q3VhSGtjNUhhSXdpelNndyZyZXF1ZXN0PXJlc291cmNlJnJlc291cmNlPW94cWNxdjkmcmFuZD0w&code=4%2fsQGkHTv4KrsO_2YCuYXesCmxeSuXbImlGSPvcq46B5IDRI4v_42egixfkoN7Oa_qiyOgt2FBqsIxnnfpVNraPu4 HTTP/1.1" 200 45

[2019-Oct-22 18:09:50.673] 2622 - [info] "WebRequest: took 2.585 ms"

[2019-Oct-22 18:09:50.674] 2622 - [info] "WebController: Removing session O97Tb8NoVXRyLOda"

[2019-Oct-22 18:09:50.674] 2622 [/ O97Tb8NoVXRyLOda] [info] "Wt: session destroyed (#sessions = 2)"

I can do like 10 trials, extra window never disappears and wt says "not serving this" but then randomly it starts to work - even if I try to perform always the same steps.

Any idea what is going on? Can I provide some more data?

Actions #2

Updated by Roel Standaert over 4 years ago

That refreshToken instead of refresh_token does look like an error.

However, access_type seems to be non-standard? It's just something that Google does, I think. Maybe it's an option to add it to GoogleService, but I think you can also just use setAuthEndpoint("").

Actions #3

Updated by Roel Standaert over 4 years ago

I pushed a commit for the refresh_token thing.

Actions #4

Updated by Roel Standaert over 4 years ago

As for "not serving this", this is logged when Wt gets a request with a request URL parameter that is not jsupdate, jserror, script, or page for a new session.

I assume that would mean it's either style or resource (or some value that Wt doesn't know).

So I guess that this request:

GET /?wtd=CuaHkc5HaIwizSgw&request=resource&resource=oxqcqv9&rand=0&state=RXY...&code=4%2...

is refused by Wt, because it's a resource request for a web session (CuaHkc5HaIwizSgw) that Wt doesn't know.

I guess that's maybe the session id of a session that doesn't exist anymore? Can you find that same session id earlier on in the logs?

Actions #5

Updated by max p over 4 years ago


thanks for pushing refresh_token and giving a hint to solve access_type.

When it comes to "not serving this" - I need to implement other features in my project, so I need some time till I can return to this topic.


Also available in: Atom PDF