We're working on a project that depends on PSA (0.2.1) for authentications with google oauth2 (offline). Somehow we lost some refresh tokens of some users, we want to force those users to RE-AUTHENTICATE so we can get new refresh token from google
we tried both :
social.pipeline.disconnect.allowed_to_disconnect
from SOCIAL_AUTH_DISCONNECT_PIPELINE
, we got no exception, but when the user re-authenticate, there is no refreh_token in google responseAny idea will be highly appreciated.
Update: We tried to use {% url 'account:social:begin' 'google-oauth2' %}?approval_prompt=force&next=/
to force the approval_prompt for certain users (with missing tokens), but its seem to have no effect over google oauth.
Thanks
Using this setting does the trick:
SOCIAL_AUTH_GOOGLE_OAUTH2_AUTH_EXTRA_ARGUMENTS = {
'access_type': 'offline',
'approval_prompt': 'force'
}
Use case example at http://psa.matiasaguirre.net/docs/use_cases.html#re-prompt-google-oauth2-users-to-refresh-the-refresh-token