12

I'd like to make an application that could access MY own Google Drive anytime, create files there, share them and so on. According to https://developers.google.com/drive/service-accounts "Use regular Google accounts as application-owned accounts" the only think I need is to get access_token and refresh_token once, store them in my application and using refresh_token I can refresh my access_token (somehow).

I can get access_token using request something like https://accounts.google.com/o/oauth2/auth?scope=https://www.googleapis.com/auth/drive.file&redirect_uri=http://localhost;response_type=token&client_id=

After approve this application request in user dialog I will be redirected to my localhost and I will get access_token that expires in 3600 seconds.

The questions are:

1. How to get a refresh_token?
2. How to refresh access_token using refresh_token?

I don't want to use Google's API client library because it's terrible (.NET).

Improve this question
2
  • Sorry you found the client library terrible. Which language are you using? Commented Nov 19, 2012 at 15:29
  • Sorry. I didn't mentioned that... I use C# (.NET) Commented Nov 19, 2012 at 15:47

1 Answer 1

Reset to default
21

Ok I got it. The answer can be found here: https://developers.google.com/accounts/docs/OAuth2WebServer#offline

First You have to make an Auth request

    <form method="POST" action="https://accounts.google.com/o/oauth2/auth">
        <input type="hidden" name="scope" value="[YOUR SCOPE]"/>
        <input type="hidden" name="client_id" value="[YOUR CLIENT ID]"/>
        <input type="hidden" name="response_type" value="code"/>
        <input type="hidden" name="redirect_uri" value="[YOUR RETURN URL]"/>
        <input type="hidden" name="access_type" value="offline"/>
        <input type="submit"/>
    </form>

Then you will get a 'code' to your return_url

Then you need to exchange the code to access_token and refresh_token

        <form method="POST" action="https://accounts.google.com/o/oauth2/token">
            <input type="text" name="code" value="[CODE YOU GOT IN PREV STEP]"/>
            <input type="hidden" name="client_id" value="[YOUR CLIENT ID]"/>
            <input type="hidden" name="client_secret" value="YOUR CLIENT SECRET"/>
            <input type="hidden" name="grant_type" value="authorization_code"/>
            <input type="hidden" name="redirect_uri" value="YOUR REDIRECT URL"/>
            <input type="submit"/>
        </form>

As a result of this you will bet response like:

{
  "access_token" : "[HERE YOU ACCESS TOKEN]",
  "token_type" : "Bearer",
  "expires_in" : 3600,
  "id_token" : "eyJhbGciOiJSUzI1NiIsImtpZCI6ImRiMjBlNWMwZGU1YWI0MGRjNTU5ODBkM2EzYmZlNDdlOGM2NGM5YjAifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiY2lkIjoiMjQ2ODg5NjU3NDg2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiYXVkIjoiMjQ2ODg5NjU3NDg2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwidG9rZW5faGFzaCI6IjRURGtlQ0MzVWRPZHoyd2k1N2RnaUEiLCJpZCI6IjExNTI0MDk1NDM0Njg1NTU4NjE2MSIsImlhdCI6MTM1MzQwNDQ3MCwiZXhwIjoxMzUzNDA4MzcwfQ.Va98sh9LvMEIWxpRMFkcuFqtDAUfJLN5M__oJyjvmIxQR9q2NUIoocyjqbNyXc7as_ePQYiUjajx0SCumtR4Zhv-exeJfrKA_uMmJTe7jWhK6K2R3JQ2-aIZNnehpEuhYZBXgLhzYz1mlFrLqQTdV6LjDhRPDH-ol4UKWXfbAVE",
  "refresh_token" : "[HERE YOUR REFRESH TOKEN]"
}

Now you can store these tokens in your application and use for unlimited time refreshing the access_token every 3600 secs

            <form method="POST" action="https://accounts.google.com/o/oauth2/token">
                <input type="text" name="refresh_token" value="[YOUR REFRESH TOKEN]"/>
                <input type="hidden" name="client_id" value="[YOUR CLIENT ID]"/>
                <input type="hidden" name="client_secret" value="[YOUR CLIENT SECRET]"/>
                <input type="hidden" name="grant_type" value="refresh_token"/>
                <input type="submit"/>
            </form>

And each time you make this request you will get a new access_token

{
  "access_token" : "[NEW ACCESS TOKEN]",
  "token_type" : "Bearer",
  "expires_in" : 3600,
  "id_token" : "eyJhbGciOiJSUzI1NiIsImtpZCI6ImRiMjBlNWMwZGU1YWI0MGRjNTU5ODBkM2EzYmZlNDdlOGM2NGM5YjAifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiYXVkIjoiMjQ2ODg5NjU3NDg2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwidG9rZW5faGFzaCI6ImpyYk5oNkRHZFN4Y0w5MUI5Q1hab2ciLCJpZCI6IjExNTI0MDk1NDM0Njg1NTU4NjE2MSIsImNpZCI6IjI0Njg4OTY1NzQ4Ni5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsImlhdCI6MTM1MzQwNTU5OSwiZXhwIjoxMzUzNDA5NDk5fQ.mGN3EYOX75gPubr3TqWIOBkfq-o3JBXMXx4MbxEBGMSuPdJi7VTqZa4isyR-st-J5_wTtA-j8tVQYnDeZDxj5KpJ14FFQPKTtv_VI5kvuT55KyOmGu4yidciYoffJMISisr8NqiksbemaiYX900sRv6PmoTA6Nf6VtHgj3BZjWo"
}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

What did you use for scope
@Anubis how to logout from login account.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.