$client_id, "client_secret" => $client_secret ); if ($grantType === "online"){ $clienttoken_post["code"] = $grantCode; $clienttoken_post["redirect_uri"] = $demo_api_refreshtoken; $clienttoken_post["grant_type"] = "authorization_code"; } if ($grantType === "offline"){ $clienttoken_post["refresh_token"] = $grantCode; $clienttoken_post["grant_type"] = "refresh_token"; } $curl = curl_init($oauth2token_url); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $clienttoken_post); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $json_response = curl_exec($curl); curl_close($curl); $authObj = json_decode($json_response); //if offline access requested and granted, get refresh token if (isset($authObj->refresh_token)){ global $refreshToken; $refreshToken = $authObj->refresh_token; } $accessToken = $authObj->access_token; return $accessToken; } //calls api and gets the data function call_api($accessToken,$url){ $curl = curl_init($url); curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_ANY); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); $curlheader[0] = "Authorization: Bearer " . $accessToken; curl_setopt($curl, CURLOPT_HTTPHEADER, $curlheader); $json_response = curl_exec($curl); curl_close($curl); $responseObj = json_decode($json_response); return $responseObj; } function dbRefreshToken($name,$scope,$refreshToken = ""){ global $serverpath; $path = $serverpath."/YOUR_PATH/config.php"; include_once($path); $path = $serverpath."/YOUR_PATH/db.php"; include_once($path); if ($conn){ if (strlen($refreshToken)){ //if refreshToken in param list, save to db $query = "INSERT INTO tokens (name, scope, token) VALUES (:name, :scope, :refreshToken)"; $result = $conn->prepare($query); $result->bindValue(':name', $name, PDO::PARAM_STR); $result->bindValue(':scope', $scope, PDO::PARAM_STR); $result->bindValue(':refreshToken', $refreshToken, PDO::PARAM_STR); $result->execute(); $token = $refreshToken; } else { //else retrieve refresh token from db $query = "SELECT token from tokens where name = :name and scope = :scope"; $result = $conn->prepare($query); $result->bindValue(':name',$name, PDO::PARAM_STR); $result->bindValue(':scope', $scope, PDO::PARAM_STR); $result->execute(); $row = $result->fetch(PDO::FETCH_ASSOC); $token = $row["token"]; } mysql_close($conn); $accessTokenfromRefresh = get_oauth2_token($token,"offline"); return $accessTokenfromRefresh; } } $loginUrl = sprintf("https://accounts.google.com/o/oauth2/auth?scope=%s&state=%s&redirect_uri=%s&response_type=code&client_id=%s&access_type=%s",$demo_scope,$state,$demo_api_refreshtoken,$client_id,$access_type); ?> OAuth 2.0 Refresh Token Demo Page

Authorization with Refresh Token

Grant access with Google account for basic user info

name; } //refresh token handling - save to db if returned with access token //or retrieve from db if needed for app if(isset($refreshToken)){ $accessToken = dbRefreshToken($account_name,$demo_scope,$refreshToken); }else{ $accessToken = dbRefreshToken('ACCT_NAME_HERE',$demo_scope); } $refreshaccountObj = call_api($accessToken, $googleUserInfoAPI); $pictureUrl = $refreshaccountObj->picture; if(strlen($pictureUrl)){ echo "

Picture associated with Google account that was accessed using a refresh token:

"; } else { echo "

I got nothing

"; } ?>