Google OAuth token expiration

I have an app that is displayed on the screen for a Google Calendar. The app is 100% client-side javascript and I would like to store it that way, but the Google OAuth token expiration prevents me from opening the app where it keeps polling the Google API.

I am looking for information from people on how to update a token or request a new token while being completely transparent to the user. Currently, after 3600 seconds, the app has to reprogram access to Google user accounts, and a full redirect causes the app to interrupt.

I tried several other methods, first I tried to use server-side authentication which works well with localStorage but fails when I try to POST the access token after getting the request token, I tried using an iframe and the page neither work :(.

If anyone has any ideas on how to authorize and save a user with google, please share :)


source to share

1 answer

Unfortunately, the only way I have done this is using a webserver as there is no other way to secure your clientserver. If this is an option for you, I have successfully implemented the method described in the following Google documentation:

Basically, I first request offline access on the client, and then successfully, I pass the resulting authorization code for the refresh token using my web server. The refresh token can also be stored in a very long expiration cookie. Every time my access token runs out, I use the refresh token to request a different access token.



All Articles