Address VwG non-interactive flow (token refresh).
brnnmrls opened this issue · 1 comments
brnnmrls commented
Completing the interactive flow for VwG, one of the next steps is to consider the non-interactive flow. This portion starts whenever the user has already been verified or in the case they need to refresh.
We want to provide requesting parties with the ability to refresh VwG tokens. There's two solutions where one is more suitable timing wise and the other is more complex but addresses two issues regarding the auth state that the first will not:
- (easy solution) We will provide the requesting party with an API that holds a method to manage the token refresh. This API will require developers to pass in their refresh token string, which we will use to create the refresh token request.
- There are two limitations which are addressed by the more complex solution: 1) GSI attaches authorization state holding the tokens on GIDGoogleUser. 2) GSI saves tokens to the device chain.
- (complex solution) Adding token refresh to GIDGoogleUser.