I am trying to write a Django app which creates events in a specific Google calendar. So far I have been successful. There is only a little problem:
I don\'t
So if you've already accepted consent without setting access_type='offline'
, you need to force the user to consent to your app with offline access by also passing approval_prompt='force'
.
self.flow = OAuth2WebServerFlow(
client_id=self.client_id,
client_secret=self.client_secret,
scope=self.SCOPE,
user_agent=user_agent,
redirect_uri='urn:ietf:wg:oauth:2.0:oob',
access_type='offline', # This is the default
approval_prompt='force'
)
Then you can remove the force prompt/set it to auto
after you get the refresh token.
I don't know how to do this with the Python Client or the Calendar API (I'm just using a ruby OAuth2 library for access to the Contacts API), but I found I needed to request "offline" access from the user.
This is done by adding the an "access_type" parameter with the value "offline" to the authorization url (the one you redirect the user to to click "I want to allow this application to get at my data").
If you do this, you get a refresh_token back in your JSON response when you ask google for access tokens. Otherwise you only get the access token (which is valid for an hour).
This requirement was apparently added recently (and may not be wonderfully documented).
You used to get a refresh token without having to get specific "offline" permission.
Hope this points you in the right direction.
If you follow this manual https://developers.google.com/identity/protocols/OAuth2WebServer and you can not receive refresh_token, try to add prompt='consent' here:
authorization_url, state = flow.authorization_url(
# Enable offline access so that you can refresh an access token without
# re-prompting the user for permission. Recommended for web server apps.
access_type='offline',
prompt='consent',
# Enable incremental authorization. Recommended as a best practice.
include_granted_scopes='true')
Here is described why it can happen
The answers seems to be deprecated as of 2017-06-16.
approval_prompt
is deprecatedprompt=force
is not validHere is a working example:
from oauth2client.client import OAuth2WebServerFlow
flow = OAuth2WebServerFlow(
client_id=CLIEN_ID,
client_secret=CLIENT_SECRET,
scope=SCOPES,
redirect_uri='http://localhost/gdrive_auth',
access_type='offline',
prompt='consent',
)
print(flow.step1_get_authorize_url())