Can't get google refresh token after login with google

manhhoang3151996 · August 30, 2021, 4:22am

When i’m using login with google function, i cant’t get the refresh token.
This is my code:

webAuth.authorize({
                  connection: 'google-oauth2',
                  connection_scope: 'https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/calendar.events',
                  scope: 'openid profile',
                  accessType: 'offline',
                  approvalPrompt: 'force'
                }, function(err) {
                  if (err) displayError(err);
                });

And all i get is access_token

I’ve tried to remove access of my app in my google account setting but it doesn’t work.
Can somebody help me, thank you!!

manhhoang3151996 · August 31, 2021, 7:58am

i tried to add param access_type=offline and approval_prompt=force into my url and it work. But when click button login with google in auth0 form, i not see access_type and approval_prompt param. Is it bug from auth0 js?

konrad.sopala · August 31, 2021, 9:07am

Hey there everyone!

I feel the most effective way to handle that would be to raise it as a GitHub issue in the library repo so we can work on that directly with the repo maintainers. Once you have the link to it please share it here so we can ping them.

manhhoang3151996 · August 31, 2021, 9:49am

I’ve already create a new issue on github:

github.com/auth0/auth0.js

Can’t get google refresh token using auth0.js

opened 09:47AM - 31 Aug 21 UTC

closed 12:57PM - 15 Oct 21 UTC

duongmanhhoang

question

### Describe the problem I follow this link https://community.auth0.com/t/cant-…get-google-refresh-token-using-auth0-js/11756 When i’m using login with google function, i can't get the refresh token. This is my code: ``` var params = Object.assign( { overrides: { __tenant: config.auth0Tenant, __token_issuer: config.authorizationServer.issuer, }, domain: config.auth0Domain, clientID: config.clientID, redirectUri: config.callbackURL, responseType: "code", scope: 'openid profile offline_access' }, config.internalOptions ); var webAuth = new auth0.WebAuth(params); webAuth.authorize({ connection: 'google-oauth2', connection_scope: 'https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/calendar.events', scope: 'openid profile', accessType: 'offline', approvalPrompt: 'force' }, function(err) { if (err) displayError(err); }); ``` This is what i get from api /api/v2/users/{id}: ![image](https://user-images.githubusercontent.com/36806927/131479642-bbbf2b75-d568-47c9-86f7-9e0241d1ac1f.png) I check param from authorize request and still get access_type ![image](https://user-images.githubusercontent.com/36806927/131480124-7d1a18b7-45dc-47fe-bbce-22652661bdaa.png) And when i check goolge url redirect from auth0 i don't see the access_type param ![image](https://user-images.githubusercontent.com/36806927/131479883-983596c4-25f2-4b03-9809-2c94b6de4ce2.png)

Thank you

konrad.sopala · August 31, 2021, 10:14am

Perfect! Let me ping repo maintainers in a minute!

manhhoang3151996 · September 1, 2021, 2:54am

Hi, i read that if i am using Auth0 Management API, i can’t get refresh token. But it’s auth0 refresh token, not google oauth2 refresh token, right?

manhhoang3151996 · September 1, 2021, 4:08am

When i add state:'' to authorize method, it’s work. I wonder if it has any risks cause i’ve read that state is used to prevent attack?

webAuth.authorize({
                  connection: 'google-oauth2',
                  responseType: "code",
                  state:'',
                  connection_scope: 'https://www.googleapis.com/auth/calendar,https://www.googleapis.com/auth/calendar.events',
                  scope: 'openid profile email offline_access',
                  accessType: 'offline',
                  approvalPrompt: 'force'
                }, function(err) {
                  console.log(err);
                  if (err) displayError(err);
                });