How to Verify Google API OAuth Token

H
Published in: Google Cloud - JavaScript

The Creator Studio add-on fetches the OAuth2 access token for the projects using the Google Apps Script API that is then used to authorize the Google Client JavaScript API and fetch the Slide Screenshots.

Unlike the OAuth2 refresh tokens that are forever valid, the access tokens have limited validity (they expire in under 60 minutes) and you should always verify the token before making a server-side request. It will else fail with an error like Invalid Credentials.

Luckily, Google offers a service googleapis.com/oauth2/v1/tokeninfo to check your access tokens and what Google scopes they have access to.

const isOAuthTokenValid = token => {
  const BASE_API = 'https://www.googleapis.com/oauth2/v1/tokeninfo';
  return new Promise((resolve, reject) => {
    fetch(`${BASE_API}?access_token=${token}`, {
      mode: 'cors',
    })
      .then(response => {
        return response.json();
      })
      .then(({ expires_in: timeout = 0 }) => {
        if (timeout > 0) resolve('Token is valid');
        reject(new Error('Token has expired'));
      });
  });
};

export default isOAuthTokenValid;
Published in: Google Cloud - JavaScript

Looking for something? Find here!

Meet the Author

Web Geek, Google Developer Expert
A
Amit Agarwal

Amit Agarwal is a Google Developer Expert in Google Workspace and Google Apps Script. He holds an engineering degree in Computer Science (I.I.T.) and is the first professional blogger in India. He is the developer of Mail Merge for Gmail and Document Studio. Read more on Lifehacker and YourStory

Get in touch