Cannot get refreshtoken and user email

Question

Cannot get refreshtoken and user email

Closed this issue 4 months ago · 5 comments

@app.route('/callback')
def callback(request: Request):
    code = request.query_params.get('code')
    github = GitHub(OAuthAppAuthStrategy(settings.CLIENT_ID, settings.SECRET_ID))
    user_github = github.with_auth(github.auth.as_web_user(code))
    
    # Or exchange the code for tokens and store them
    auth: OAuthTokenAuthStrategy = github.auth.as_web_user(code).exchange_token(github)
    access_token = auth.token
    refresh_token = auth.refresh_token
    print(access_token)
    print(refresh_token)

    user_github = github.with_auth(
        OAuthTokenAuthStrategy(
        settings.CLIENT_ID, settings.SECRET_ID, refresh_token=refresh_token
        )
    )
    resp = user_github.rest.users.get_authenticated()
    user = resp.parsed_data
    print(user.email)

When I try to implement github authentication with oauth application,
In above, I provide valid client_id and secret_id

but I am not getting refresh_token , user.email
Can you please help me what might be the reason that I am facing this issue.

Answer 1 · 2024-08-25T07:22:30.000Z

but I am not getting refresh_token , user.email

do you get the access_token successfully? refresh token is an optional feature, and you will not get it if you do not opt-in. you can just use the auth object returned by the exchange token directly.

Answer 2 · 2024-08-25T09:30:23.000Z

you will not get it if you do not opt-in.

I donot understand this ,sorry for that.
Yes, I am getting access_token. But I need refresh_token to get new access_token later
my whole code looks like


@app.get("/", response_class=HTMLResponse)
async def read_item(request: Request):
    redirect_url = (
        f"https://github.com/login/oauth/authorize"
        f"?client_id={settings.CLIENT_ID}"
        f"&redirect_uri={settings.CallBack_URL}"
        f"&scope=user"
        f"&state={settings.SECRET_KEY}"
    )
    print(redirect_url)
    return templates.TemplateResponse(
        request=request, name="login.html",context={"redirect_url":redirect_url}
    )

@app.route('/callback')
def callback(request: Request):
    code = request.query_params.get('code')
    github = GitHub(OAuthAppAuthStrategy(settings.CLIENT_ID, settings.SECRET_ID))
    auth = github.auth.as_web_user(code).exchange_token(github)
    # Use the auth object directly
    access_token = auth.token
    refresh_token = auth.refresh_token

    print(access_token)
    print(refresh_token)

Answer 3 · 2024-08-25T10:50:30.000Z

If you are using OAuth APP or you opt-out "User-to-server token expiration" feature in GitHub APP, the access_token you get will never expire unless user uninstalled it or some else. In this case, you will not get the refresh token. You can store the access_token for feature usage. Auth with access_token is simple:

auth = OAuthTokenAuthStrategy(client_id, client_secret, token=access_token)

Answer 4 · 2024-08-25T11:26:25.000Z

Sorry, I am asking so much question. I want to use this package on my project for authentication method.
and Last Question

How should I get email of login user ,

this doesnot work
auth.email

yes, we don't need refresh_token cause access_token lifespan is more. But, how one should get refresh_token , if he want?
I followed according to readme but i didnot get that...

Atlast, Thank you for response and appreciation.

Answer 5 · 2024-08-25T13:44:09.000Z

it's just as the code you provided:

user_github = GitHub(OAuthTokenAuthStrategy(client_id, client_secret, token=access_token))
resp = user_github.rest.users.get_authenticated()
user = resp.user
email: str | None = user.email

You can read github app docs first: oauth app auth flow, github app auth flow, about github app refresh token

note that github app is not the same with oauth app, you should make sure you are using github app before using refresh token. refresh token is only returned when you are using github app and you opt-in token expiration feature.