fix: request offline access on OAuth login so Google returns a refresh token
This commit is contained in:
parent
10ef62bbad
commit
3a774cf7d6
1 changed files with 10 additions and 7 deletions
|
|
@ -22,18 +22,21 @@ oauth.register(
|
||||||
client_id=settings.google_client_id,
|
client_id=settings.google_client_id,
|
||||||
client_secret=settings.google_client_secret,
|
client_secret=settings.google_client_secret,
|
||||||
server_metadata_url="https://accounts.google.com/.well-known/openid-configuration",
|
server_metadata_url="https://accounts.google.com/.well-known/openid-configuration",
|
||||||
client_kwargs={
|
client_kwargs={"scope": SCOPES},
|
||||||
"scope": SCOPES,
|
|
||||||
# access_type=offline + prompt=consent ensures we receive a refresh_token.
|
|
||||||
"access_type": "offline",
|
|
||||||
"prompt": "consent",
|
|
||||||
},
|
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@router.get("/login")
|
@router.get("/login")
|
||||||
async def login(request: Request):
|
async def login(request: Request):
|
||||||
return await oauth.google.authorize_redirect(request, settings.oauth_redirect_url)
|
# access_type=offline + prompt=consent must be on the authorization URL so Google
|
||||||
|
# returns a refresh_token (required for background sync).
|
||||||
|
return await oauth.google.authorize_redirect(
|
||||||
|
request,
|
||||||
|
settings.oauth_redirect_url,
|
||||||
|
access_type="offline",
|
||||||
|
prompt="consent",
|
||||||
|
include_granted_scopes="true",
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
@router.get("/callback")
|
@router.get("/callback")
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue