Skip to content
Advertisement

social-auth-app-django: Refresh access_token

I use social-auth-app-django for my django website. Login all works, but after the token expires. I cant access the google’s user data anymore. I found how to refresh the token, but it gives

 File "/mnt/s/github/nascentapp/app/booking/management/commands/sendmail.py", line 17, in handle
    new_token = self.get_token(user=booking_user, provider='google-oauth2')
  File "/mnt/s/github/nascentapp/app/booking/management/commands/sendmail.py", line 28, in get_token
    social.refresh_token(strategy)
  File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/storage.py", line 58, in refresh_token
    response = backend.refresh_token(token, *args, **kwargs)
  File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/backends/oauth.py", line 438, in refresh_token
    request = self.request(url, **request_args)
  File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/social_core/backends/base.py", line 234, in request
    response.raise_for_status()
  File "/home/sander/.local/share/virtualenvs/app-YMrBBUv3/lib/python3.6/site-packages/requests/models.py", line 941, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://accounts.google.com/o/oauth2/token

Here is some of my code

def get_token(self, user, provider):
        social = user.social_auth.get(provider=provider)
        print('This is social of user: ', social)
        if (social.extra_data['auth_time'] + social.extra_data['expires']) <= int(time.time()):
            print('n Token is out of date n')
            strategy = load_strategy()
            social.refresh_token(strategy)
        return social.extra_data['access_token']

in my settings file:

AUTHENTICATION_BACKENDS = (
    'social_core.backends.open_id.OpenIdAuth',  # for Google authentication
    'social_core.backends.google.GoogleOpenId',  # for Google authentication
    'social_core.backends.google.GoogleOAuth2',  # for Google authentication
    'django.contrib.auth.backends.ModelBackend',
)

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = os.environ.get('DJANGO_SOCIAL_AUTH_GOOGLE_OAUTH2_KEY')  # Paste CLient Key
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = os.environ.get('DJANGO_SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET') # Paste Secret Key

SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
    'https://www.googleapis.com/auth/calendar.readonly',
    'https://www.googleapis.com/auth/calendar.events'
]

Advertisement

Answer

Fixed it by adding this:

SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {
    'access_type': 'offline',
    'approval_prompt': 'auto'
}

If the user already registered, you need to force the prompt first time (otherwhise you dont get the refresh token)

/login/google-oauth2?approval_prompt=force
User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement