Refresh token not being returned in oauth2info

[Mike Swan]

Hi All,

I have scoured the group and the Internet (SO, etc.) and I can't find any direction.  For some reason a refresh token is not being returned through the API along with the access token.  

My auth URL looks like this:

https://accounts.google.com/o/oauth2/auth?state=10&response_type=code&client_id=xxxx.apps.googleusercontent.com&redirect_uri=http%3A%2F%2Fdomain.com%2Fapi%2Foauth2return-Adwords.php&scope=https%3A%2F%2Fadwords.google.com%2Fapi%2Fadwords%2F&access_type=offline

It returns this:

http://domain.com/api/oauth2return-Adwords.php?state=10&code=xxx

Which gets put through this script:

$callbackUrl = "http://domain.com/api/oauth2return-Adwords.php";

 

// Create a new user and set the oAuth settings

$user = new AdWordsUser();

$user->SetOAuth2Info(array(

    "client_id" => 'xxx.apps.googleusercontent.com',

    "client_secret" => "xxx"

));

$authCode = $_REQUEST['code'];

$OAuth2Handler = $user->GetOAuth2Handler();

$user->SetOAuth2Info($OAuth2Handler->GetAccessToken($user->GetOAuth2Info(), $authCode, $callbackUrl));

Everything works fine, but this is all I am getting back:

[oauth2Info:AdsUser:private] => Array

        (

            [client_id] => xxxx.apps.googleusercontent.com

            [client_secret] => xxxxxxx

            [access_token] => ya29.xxxxxxxxxxxxx

            [token_type] => Bearer

            [expires_in] => 3599

            [timestamp] => 1401998014

        )

So I can pull the data I need, but I have to reauthorize every time.  This is using an MCC.  Is there something I am missing?  

Thanks for your help.

Mike

[Josh Radcliff (AdWords API Team)]

Hi Mike,

This is, admittedly, a bit of a wild guess, but I noticed that when I went through the refresh token example my auth URL did not include a state parameter. Maybe give it a shot with that parameter removed?

Cheers,

Josh, AdWords API Team

[Mike Swan]

Hi Josh,

I removed the state parameter and same result: new auth creds, able to pull data, but no refresh token included.  Anything other ideas?   I noticed my CC in my billing preferences expired, does this have anything to do with it?  Like I said, I can pull data, just have to re-authenticate each time.  Thanks for your attention.

Mike 

[Rob]

Hi Mike,

Have you tried adding the prompt=consent flag to your request? If you've already authorized the app once before, then this flag seems to be required in order to get a refresh token on subsequent requests.

https://developers.google.com/accounts/docs/OAuth2Login#re-consent

[jody stein]

I am running into the same problem. I have not made any changes however I am not able to add new users. The refresh token is no longer being returned. 

Here is the request URL I am using. 

https://accounts.google.com/o/oauth2/auth?prompt=consent&response_type=code&client_id=xxxx.apps.googleusercontent.com&redirect_uri=https%3A%2F%2Fdomain.com%2Fgoogleredirect.php&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fadwords&access_type=offline

I receive the response with no error. However the refresh_token is no longer being sent. 

https://domain.com/pro/login/googleredirect.php?code=4/xxx

Am I doing something wrong here? or did something change recently?

Any help would be greatly appreciated!

[Josh Radcliff (AdWords API Team)]

Hi,

I may be misunderstanding your question, but I think you're missing a step. After the user accepts the OAuth prompt, your redirect endpoint will receive an authorization code (the https://domain.com/pro/login/googleredirect.php?code=4/xxx request below), which it then must submit in order to get the refresh token, as illustrated in the OAuth guide.

Thanks,

Josh, AdWords API Team

[jody stein]

Yes here is the PHP to process the code returned which used to return refresh_token an now returns just the client_id and client_secret. I am using the right paramenters, access_type=offline and tried adding prompt=consent. 

$user = new AdWordsUser();

$user->LogAll();

$handler = $user->GetOAuth2Handler();

$oauth2Info = $handler->GetorRefreshAccessToken($user->GetOAuth2Info(), $code, $redirectUri);

// I also tried this version just in case which returns the same thing

//$oauth2Info = $handler->GetAccessToken($user->GetOAuth2Info(), $code, $redirectUri);

$user->SetOAuth2Info($oauth2Info);

if(isset($oauth2Info['refresh_token'])){

$refreshtoken=$oauth2Info['refresh_token'];

$accesstoken=$oauth2Info['access_token'];

$timestamp = isset($oauth2Info["timestamp"]) ? $oauth2Info["timestamp"] : 0;

$expiresIn = isset($oauth2Info["expires_in"]) ? $oauth2Info["expires_in"] : 0;

//do the rest of the processing to save token

}

Does that make more sense?

[Josh Radcliff (AdWords API Team)]

Hi,

Thanks, that clears things up a bit.

I just tried running the GetRefreshToken.php example using my account and I was able to obtain a refresh token without issues. Could you modify your code so that you log the contents of $oauth2Info? I'd be curious to see what (if anything) is set on that object.

If you post the contents here, please make sure you remove any sensitive information first.

Thanks,

Josh, AdWords API Team