fix(api): fix google refresh token issue #114
Conversation
| if (this.providerName === "google") { | ||
| params.access_type = "offline"; | ||
| } | ||
|
|
There was a problem hiding this comment.
This is only necessary when creating the uri
| @@ -98,6 +95,7 @@ export class OAuth2DefaultImpl implements OAuth2 { | |||
|
|
|||
| if (this.providerName === "google") { | |||
| uriParams.access_type = "offline"; | |||
| uriParams.prompt = "consent"; | |||
| } | |||
There was a problem hiding this comment.
By adding this we will prompt the user to grant access to permissions every time they authenticate with google.
This means if a user authenticates with multiple accounts they will have to grant permssions to their google account every time. Because they grant permissions we will receive a refresh token every time.
| await this.oauth.revokeLocal(connectedUser); | ||
| } catch (error) { | ||
| throw new Error("Google Revoke failed"); | ||
| } | ||
| } | ||
|
|
There was a problem hiding this comment.
Given the logic for having multiple accounts using the same google account if one gets revoked they all do. The problem is it will only remove the token from the provider map for the account that revoked access but all other accounts will still contain the token. Then when they fetch data google will throw a 401.
So for now we can just remove it locally from the providermap like we do for other providers and i think it should be fine but im open to feedback.
| @@ -98,6 +95,7 @@ export class OAuth2DefaultImpl implements OAuth2 { | |||
|
|
|||
| if (this.providerName === "google") { | |||
| uriParams.access_type = "offline"; | |||
| uriParams.prompt = "consent"; | |||
| } | |||
| await this.oauth.revokeLocal(connectedUser); | ||
| } catch (error) { | ||
| throw new Error("Google Revoke failed"); | ||
| } | ||
| } | ||
|
|
|
🎉 This PR is included in version 1.4.0-develop.4 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
|
🎉 This PR is included in version 2.0.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Ref. metriport/metriport-internal#177
Ref: 177
Dependencies
None
Description
Fixed the google refresh token issue by prompting user to always grant permissions when authenticating
Release Plan
ASAP