Chat with us, powered by LiveChat

How to Verify Google API OAuth Token

The Creator Studio add-on fetches the OAuth2 access token for the projects using the Google Apps Script API that is then used to authorize the Google Client JavaScript API and fetch the Slide Screenshots.

Unlike the OAuth2 refresh tokens that are forever valid, the access tokens have limited validity (they expire in under 60 minutes) and you should always verify the token before making a server-side request. It will else fail with an error like Invalid Credentials.

Luckily, Google offers a service googleapis.com/oauth2/v1/tokeninfo to check your access tokens and what Google scopes they have access to.

const isOAuthTokenValid = token => {
  const BASE_API = 'https://www.googleapis.com/oauth2/v1/tokeninfo';
  return new Promise((resolve, reject) => {
    fetch(`${BASE_API}?access_token=${token}`, {
      mode: 'cors',
    })
      .then(response => {
        return response.json();
      })
      .then(({ expires_in: timeout = 0 }) => {
        if (timeout > 0) resolve('Token is valid');
        reject(new Error('Token has expired'));
      });
  });
};

export default isOAuthTokenValid;