Saving/Restoring OAuth2 tokens
-
Hello,
you also need the string "refreshToken"
refreshtoken and accessToken are different,
but setRefreshToken() and refreshToken() are not implemented.
when granted is achieved, the variable "refreshToken" is not save. because "missing "refresh" token" -
Did you get this to work?
I also have the need to store the token (to avoid entering credentials each time the application starts) but haven't found an official way to do it.
-
Instead of creating a new topic, I'll just reply to this one because I want to do the same thing: (securely) storing my refresh token so I can use it to re-authenticate instead of going through the browser login process every time.
Did anyone get this to work? I am trying to use it for TrainingPeaks which should be compliant to the OAuth2 spec. Authenticating works perfectly. Refreshing the token does not.
When I try to use the
refreshAccessTokenmethod, the flow goes into theRefreshingAccessTokenstage but nothing else happens. When I try again, I get this error:qt.networkauth.oauth2: Cannot refresh access token. Refresh Access Token is already in progress
Note that this also happens when I try to refresh the token after successfully authenticating, not only when trying this after starting the application.
Is there a way to debug this issue? I connected to all signals (that I know of) of the authentication flow but apart from the stage changing, nothing happens. I also called
QLoggingCategory::setFilterRules("qt.networkauth.*=true")but nothing seems to happen. -
In my case, the problem was that client_id and client_secret are not automatically added to the request parameters when refreshing the token.
I added a comment to the relevant bug report: https://bugreports.qt.io/browse/QTBUG-59104
-
Got the same problem.
Here is the way I use ton check and get or refresh my token :void GoogleAPI::grant(bool p_synchronousGrant) { try { if (m_tokenExpiration > QDateTime::currentDateTime()) throw PFHCancelException(); quint16 port(55568); QUrl authorizationUrl("https://accounts.google.com/o/oauth2/v2/auth"); QUrl accessTokenUrl("https://www.googleapis.com/oauth2/v4/token"); QString clientId("yyyyyy"); QString password("xxxxxx"); QOAuthHttpServerReplyHandler* replyHandler = new QOAuthHttpServerReplyHandler(port, this); m_oauth2.setReplyHandler(replyHandler); m_oauth2.setAuthorizationUrl(authorizationUrl); m_oauth2.setAccessTokenUrl(accessTokenUrl); m_oauth2.setClientIdentifier(clientId); m_oauth2.setClientIdentifierSharedKey(password); m_oauth2.setScope(m_scopes.join(' ')); m_oauth2.setRefreshToken(m_refreshToken); QSignalSpy spy(this, SIGNAL(accessGranted())); if (!m_refreshToken.isEmpty()) { m_oauth2.refreshAccessToken(); } else { m_oauth2.grant(); } if (p_synchronousGrant) { if (!spy.wait(60000)) throw PFHException("Google API Connexion Timeout", ""); else logWriter.write("Google API Connexion granted"); } } catch (PFHCancelException &p_e) {} catch (PFHException &p_e) { PFHReThrow(""); } }When the code go through the grant() line, everything is fine and my access is granted well. But if i go through m_oauth2.refreshAccessToken(); I got this answer :
qt.networkauth.replyhandler: Error transferring https://www.googleapis.com/oauth2/v4/token - server replied: Bad RequestWhat's wrong with my method ?
-
Hi,
Well, something wrong was sent as it seems. You might want to check the query that was sent to Google.
-
Thank you for your reply :)
Do you have an idea of how to check the query as it's fully managed by the QOauth2authorizationcodeFlow class. I tried to add the line
QLoggingCategory::setFilterRules("qt.networkauth.*=true");But there's no more information logged :/
-
You could use something like wire shark to analyze the network traffic and see what is going on.
-
In my case, the problem was that client_id and client_secret are not automatically added to the request parameters when refreshing the token.
I added a comment to the relevant bug report: https://bugreports.qt.io/browse/QTBUG-59104
@JeroenDierckx thank you very much , my code works now :
oauth->setModifyParametersFunction([&](QAbstractOAuth::Stage stage, QVariantMap* parameters) { if (stage == QAbstractOAuth::Stage::RefreshingAccessToken) { parameters->insert("client_id" ,oauth->clientIdentifier()); parameters->insert("client_secret" oauth->clientIdentifierSharedKey()); } }); -
@JeroenDierckx thank you very much , my code works now :
oauth->setModifyParametersFunction([&](QAbstractOAuth::Stage stage, QVariantMap* parameters) { if (stage == QAbstractOAuth::Stage::RefreshingAccessToken) { parameters->insert("client_id" ,oauth->clientIdentifier()); parameters->insert("client_secret" oauth->clientIdentifierSharedKey()); } });
