无法从Google API OAuth2刷新令牌

Question

Here is my php script RefreshToken.php

<?php
$url = 'https://accounts.google.com/o/oauth2/token';
$post_data = array(
                    'code'          =>   'xxxxxxxx',
                    'client_id'     =>   'xxxxxxxxxxx',
                    'client_secret' =>   'xxxxxxxxxxxxx',
                    'redirect_uri'  =>   'http://localhost/googleapi/AuthenticationCode.php',
                    'grant_type'    =>   'authorization_code',
                    );
$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

$result = curl_exec($ch);
$token = json_decode($result);

echo $token->refresh_token . "\n";
?>

Run PHP CLI

php -q RefreshToken.php

PHP Notice: Undefined property: stdClass::$refresh_token in /var/www/googleapi/RefreshToken.php on line 20

Answer 1

The refresh_token is not returned by default in Google OAuth2.

The request for an authorization code requires an extra parameter ( access_type ): then refresh token will be returned with access_token.

Other unusual behaviour: the refresh_token is returned only one time for a user. If, for some reason, refresh_token is lost for that user, then user will need to open Google Account Security Settings page and drop access for your app. And this is not enough: your app will need to pass more one params ( approval_prompt equals true ) to indicate we're forcing the request for a new refresh_token .

More info: https://developers.google.com/accounts/docs/OAuth2WebServer#offline )