2

I am using the google sheets API with PHP and followed the quick start guide that can be found over here https://developers.google.com/sheets/quickstart/php

When I do authorize properly and store the follow json file in a speicfied path

{ "access_token": "xxxxxxx", "token_type": "Bearer", "expires_in": 3600, "refresh_token": "xxxxxx", "created": 1472731452 }

After this expires the following gets triggered in my code

if ($client->isAccessTokenExpired()) { $client->fetchAccessTokenWithRefreshToken( $client->getRefreshToken() ); $this->filesystem ->put( self::CREDENTIALS, json_encode($client->getAccessToken()) ); }

Now my issue is when that code gets triggered it will update my file to something like the following.

{ "access_token": "xxxxxxx", "token_type": "Bearer", "expires_in": 3600, "created": 1472731452 }

As you can see there is no refresh token anymore. When this token expires I start getting the following error

[LogicException] refresh token must be passed in or set as part of setAccessToken

Which is perfactly understandable because I don't have the refresh token there anymore.

My question is why is the refresh token getting removed? I am call the same methods as the one in the quick start guide https://developers.google.com/sheets/quickstart/php

I am talking specificaly about this part in the guide

// Refresh the token if it's expired. if ($client->isAccessTokenExpired()) { $client->fetchAccessTokenWithRefreshToken($client->getRefreshToken()); file_put_contents($credentialsPath, json_encode($client->getAccessToken())); }
Improve this question

1 Answer 1

Reset to default
3

Your refresh token expired because the lifespan set in your code was 3600 seconds only/1 hour.

{ "access_token": "xxxxxxx", "token_type": "Bearer", "expires_in": 3600, //refresh_token good for 1 hour "refresh_token": "xxxxxx", "created": 1472731452 }

Using a refresh token

A refresh token is obtained in offline scenarios during the first authorization code exchange. In these cases, your application may obtain a new access token by sending a refresh token to the Google OAuth 2.0 Authorization server.

To obtain a new access token this way, your application sends an HTTPS POST request to https://www.googleapis.com/oauth2/v4/token. The request must include the following parameters:

Such a request will look similar to the following:

POST /oauth2/v4/token HTTP/1.1 Host: www.googleapis.com Content-Type: application/x-www-form-urlencoded client_id=8819981768.apps.googleusercontent.com& client_secret={client_secret}& refresh_token=1/6BMfW9j53gdGImsiyUH5kU5RsR4zwI9lUVX-tqf8JXQ& grant_type=refresh_token

Check this SO thread for additional reference. Hope this helps!

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Yes it does, much more clearer, thank you! I just re-attached the refresh token before saving it :)

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.