Important: Please read the Qt Code of Conduct - https://forum.qt.io/topic/113070/qt-code-of-conduct

(Re)storing tokens from OAuth2



  • Good afternoon.
    Since Google removed C++ library from the Admin API I have been forced to write my own. The parts that I need at least.
    It works, user gets authorisation for the scopes required, I am able to poll the data, post changes to relevant APIs etc.

    Problem: each time user runs the program in order to get token one gets their browser window open and needs to authorise access. And then new tokens are issued - one for current access used in OAuth2 and the refresh token, to be used one the first one expires (there is a TTL expressed in seconds that comes with the first token). I can, of course, store those tokens and that I do. But when I set them back on start, user gets the whole authorisation through browser cycle again.

    Code to save tokens:

    void GSuiteWrapper::saveToken(const QVariantMap &tokens) {
        QSettings settings;
        settings.beginGroup("tokens");
        settings.setValue("current",tokens.value("access_token"));
        settings.setValue("expiry",tokens.value("expires_in"));
        settings.setValue("refresh",tokens.value("refresh_token"));
        settings.endGroup();
        settings.sync();
    }
    

    To load (oauth2 is of type QOAuthAutorizationWorkflow)

           settings.beginGroup("tokens");
           oauth2.setToken(settings.value("current").toString());
           oauth2.setRefreshToken(settings.value("refresh").toString());
           settings.endGroup();
    

    My understanding is that after setting the tokens program should be able to make a call to the API and even if current token expired the refresh one will be used to obtain new token?
    Also, I am not setting up TTL of the token upon load - can this be of issue?
    Google documentation is not very detailed on that or I can't read it properly.
    Can anyone advise me on this please?
    Many thanks in advance.


Log in to reply