8

To determine when to use a refresh token to ask for a new access token, I'm aware of two approaches (below). Are either of these approaches possible without modifying the passport-google-oauth library?

1) The "pre-emptive" method

  • Save the access token's expiry time when its granted
  • Check the expiry time against the current time whenever using an access token to access the API
  • If the access token is not expired, use it to access the API
  • If the access token is expired (or close to being expired), supply the refresh token to get a new access token

2) The "handle failure" method

  • Always supply access token
  • If the access token fails to authenticate, supply the refresh token, get a new access token

Thanks. Also welcome any alternatives.

Improve this question

2 Answers 2

Reset to default
7

Note that Passport does not actively use the access token or refresh token, other than to fetch the user profile during login. You're application is responsible for using these tokens when making whatever API requests are necessary. As such, you can implement either method you describe, Passport is not involved in the process.

See also: https://github.com/jaredhanson/passport-google-oauth/issues/23

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

you are a real hero :-D
6

I wrote a plugin to make handling this a little easier: https://github.com/fiznool/passport-oauth2-refresh

Improve this answer

2 Comments

Very nice, thank you - integrates passport-google-oauth and google-api-nodejs-client with edit-google-spreadsheet very smoothly.
See 4. Dynamic Token, under basic usage here: github.com/jpillora/node-edit-google-spreadsheet, where I now just call through to refresh.requestNewAccessToken()

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.