I’ve encountered an issue with Google OAuth where, after an access token refresh, the returned token sometimes lacks one of the originally granted scopes. This behavior affects only some users of our application.
Here's the flow:
- Users grant access to all requested scopes, as confirmed in the OAuth consent response.
- We validate the credential by successfully querying the Google Calendar API using the granted scope (
).
- The credentials are saved after passing all checks.
However, when the access token expires and we attempt to refresh it, the new token no longer includes the scope.
Before access token refresh:
.email
.profile
openid
After access token refresh:
.email
.profile
openid
This results in the loss of Calendar API functionality for affected users.
I've searched extensively, but haven't found documentation explaining why Google would return fewer scopes after a token refresh.
What could cause this behavior where certain scopes are excluded after token refresh?
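A check that makes this failure visible at refresh time, as an added example that is not part of the original post: it compares the `scope` field of the refresh response with the scopes stored at consent and flags any required scope that is gone. `CALENDAR_SCOPE`, the short scope names, the helper names and the sample responses are constructed placeholders, and the refresh request is assumed to carry no `scope` parameter.

```python
from dataclasses import dataclass

# Constructed placeholder: the post does not show the Calendar scope string.
CALENDAR_SCOPE = "https://example.invalid/auth/calendar"


@dataclass(frozen=True)
class RefreshCheck:
    effective: frozenset   # scopes the new access token actually carries
    missing: frozenset     # required scopes that are no longer present
    action: str            # "ok" or "reauthorize"


def parse_scope(value):
    """RFC 6749 section 3.3: space-delimited, case-sensitive scope tokens."""
    return frozenset(value.split()) if value else frozenset()


def check_refresh(granted, required, token_response):
    """Compare a refresh-token response with the scopes stored at consent time."""
    if "error" in token_response or "access_token" not in token_response:
        reason = token_response.get("error", "no access_token")
        raise ValueError("refresh failed: %s" % reason)
    raw = token_response.get("scope")
    if raw is None:
        # RFC 6749 section 5.1 lets the server omit "scope" when it is unchanged.
        # Assumption: the refresh request itself sent no "scope" parameter.
        effective = frozenset(granted)
    else:
        effective = parse_scope(raw)
    missing = frozenset(required) - effective
    return RefreshCheck(effective, missing, "reauthorize" if missing else "ok")


# Constructed sample data mirroring the before/after lists in the question.
GRANTED = {"openid", "email", "profile", CALENDAR_SCOPE}
REQUIRED = {CALENDAR_SCOPE}
NARROWED = {"access_token": "constructed-token", "expires_in": 3599,
            "scope": "openid email profile", "token_type": "Bearer"}
UNCHANGED = {"access_token": "constructed-token", "expires_in": 3599,
             "token_type": "Bearer"}

if __name__ == "__main__":
    for name, resp in (("narrowed", NARROWED), ("unchanged", UNCHANGED)):
        result = check_refresh(GRANTED, REQUIRED, resp)
        print(name, result.action, sorted(result.missing))
```

Running the check on every refresh and storing `effective` alongside the token lets the application send the user back through consent when `action` is `"reauthorize"`, before a Calendar API call fails.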