How to renew the access token using the refresh token?

by

This question isn’t duplicate AT ALL. I hope this help others not spending days like I have spent.

After almost 4 days I have found out how to get a fresh access token in the google api using OWIN.

I’m going to post the solution, but first, I MUST say that what helped me to start getting a clue about my error was setting up the Debug Symbols for the Katana project. See this link:
http://www.symbolsource.org/Public/Home/VisualStudio

This image show how to configure Debug Symbols Servers.
enter image description here

And this one shows the Katana Debug Symbols being loaded.
enter image description here

After that, I found out that my problem was that Google API was returning 403: Forbidden

“Access Not Configured. Please use Google Developers Console to activate the API for your project”

Then, found on stack overflow this post:
“Access Not Configured. Please use Google Developers Console to activate the API for your project.”

more specifically this Answer: https://stackoverflow.com/a/24401189/833846

After that, I went to Google Developers Console and setup up Google+ API

And then, voillá! It worked.

Now, the code to get a fresh access token using the refresh token (I haven’t found any way to accomplish that using the OWIN API).

public static class TokenValidator
{
    /// <summary>
    /// Obtém um novo access token na API do google.
    /// </summary>
    /// <param name="clientId"></param>
    /// <param name="clientSecret"></param>
    /// <param name="refreshToken"></param>
    /// <returns></returns>
    public static GoogleRefreshTokenModel ValidateGoogleToken(string clientId, string clientSecret, string refreshToken)
    {
        const string url = "https://accounts.google.com/o/oauth2/token";

        var parameters = new List<KeyValuePair<string, string>>
        {
            new KeyValuePair<string, string>("client_id", clientId),
            new KeyValuePair<string, string>("client_secret", clientSecret),
            new KeyValuePair<string, string>("grant_type", "refresh_token"),
            new KeyValuePair<string, string>("refresh_token", refreshToken)
        };

        var content = GetContentAsync(url, "POST",  parameters);

        var token = JsonConvert.DeserializeObject<GoogleRefreshTokenModel>(content);

        return token;
    }

    private static string GetContentAsync(string url, 
        string method = "POST",
        IEnumerable<KeyValuePair<string, string>> parameters = null)
    {
        return method == "POST" ? PostAsync(url, parameters) : GetAsync(url, parameters);
    }

    private static string PostAsync(string url, IEnumerable<KeyValuePair<string, string>> parameters = null)
    {
        var uri = new Uri(url);

        var request = WebRequest.Create(uri) as HttpWebRequest;
        request.Method = "POST";
        request.KeepAlive = true;
        request.ContentType = "application/x-www-form-urlencoded";

        var postParameters = GetPostParameters(parameters);

        var bs = Encoding.UTF8.GetBytes(postParameters);
        using (var reqStream = request.GetRequestStream())
        {
            reqStream.Write(bs, 0, bs.Length);
        }

        using (var response = request.GetResponse())
        {
            var sr = new StreamReader(response.GetResponseStream());
            var jsonResponse = sr.ReadToEnd();
            sr.Close();

            return jsonResponse;
        }
    }

    private static string GetPostParameters(IEnumerable<KeyValuePair<string, string>> parameters = null)
    {
        var postParameters = string.Empty;
        foreach (var parameter in parameters)
        {
            postParameters += string.Format("&{0}={1}", parameter.Key,
                HttpUtility.HtmlEncode(parameter.Value));
        }
        postParameters = postParameters.Substring(1);

        return postParameters;
    }

    private static string GetAsync(string url, IEnumerable<KeyValuePair<string, string>> parameters = null)
    {
        url += "?" + GetQueryStringParameters(parameters);

        var forIdsWebRequest = WebRequest.Create(url);
        using (var response = (HttpWebResponse)forIdsWebRequest.GetResponse())
        {
            using (var data = response.GetResponseStream())
            using (var reader = new StreamReader(data))
            {
                var jsonResponse = reader.ReadToEnd();

                return jsonResponse;
            }
        }
    }

    private static string GetQueryStringParameters(IEnumerable<KeyValuePair<string, string>> parameters = null)
    {
        var queryStringParameters = string.Empty;
        foreach (var parameter in parameters)
        {
            queryStringParameters += string.Format("&{0}={1}", parameter.Key,
                HttpUtility.HtmlEncode(parameter.Value));
        }
        queryStringParameters = queryStringParameters.Substring(1);

        return queryStringParameters;
    }
}

IMPORTANT 1: To get a refresh token you must set the “access_type” to “offline” in the “ExecuteResult” method, this way:

properties.Dictionary["access_type"] = "offline";

IMPORTANT 2: Once you get your refresh token, you must store it and in some secure source. Google API won’t issue you a new refresh token, unless you set “approval_prompt” to “force” before you call the line (in the same method):

context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);

I also recommend taking a look at:

Google API Offline Access

Google OAUTH 2.0 Playground

Google API Discovery Check

More Related Contents:

  1. Unauthorised webapi call returning login page rather than 401
  2. OWIN Security – How to Implement OAuth2 Refresh Tokens
  3. Do I need a Global.asax.cs file at all if I’m using an OWIN Startup.cs class and move all configuration there?
  4. How do you login/authenticate a user with Asp.Net MVC5 RTM bits using AspNet.Identity?
  5. Login page on different domain
  6. Operator '==' cannot be applied to operands of type 'string' and 'System.Guid' in MVC5 [closed]
  7. Pass List of Checkboxes into View and Pull out IEnumerable [duplicate]
  8. Weird Error Upgrading ASP.NET MVC from 4 to 5
  9. How do I get an OAuth 2.0 authentication token in C#
  10. Why new fb api 2.4 returns null email on MVC 5 with Identity and oauth 2?
  11. Asp.NET Identity 2 giving “Invalid Token” error
  12. How to use Json.NET for JSON modelbinding in an MVC5 project?
  13. Set default global json serializer settings
  14. How do I forcefully propagate role changes to users with ASP.NET Identity 2.0.1?
  15. Is there any JSON Web Token (JWT) example in C#?
  16. ASP.Net MVC route to catch all *.aspx requests
  17. Self hosted OWIN and urlacl
  18. MVC 5 Dynamic Rows with BeginCollectionItem
  19. Get IPrincipal from OAuth Bearer Token in OWIN
  20. User in Entity type MVC5 EF6
  21. Can we access GMAIL API using Service Account?
  22. Method ‘RouteCollection.get_AppendTrailingSlash’ not found when using Razor Url helpers in ASP.NET MVC 5 Mono
  23. Get UserID of logged-in user in Asp.Net MVC 5
  24. Correct way to use HttpContext.Current.User with async await
  25. Value cannot be null. Parameter name: items (in Dropdown List) ASP.NET MVC5
  26. GlobalConfiguration.Configure() not present after Web API 2 and .NET 4.5.1 migration
  27. Unhandled Exception Global Handler for OWIN / Katana?
  28. Validate Google Id Token
  29. Using a wwwroot folder (ASP.NET Core style) in ASP.NET 4.5 project
  30. Getting controller name from razor

Leave a Comment