No Refresh Tokens from grant_type = authorizazion_code; python

sven.richter86

Currently we are testing FusionAuth with the python package:

When we use:
exchange_o_auth_code_for_access_token()
we get an access_token but no refresh token.

We modified the the function inside the package:
body = {
"code": code,
"client_id": client_id,
"client_secret": client_secret,
"grant_type": "authorization_code",
"redirect_uri": redirect_uri,
"scope": "offline_access",
}

We tried adding the scope=offline_access in order to get a refresh token but we still don't get one.

If we try retrieve_refresh_tokens() the result is empty.

On the other hand if we use:
exchange_user_credentials_for_access_token()
we get an access_token and a refresh token.

What are we doing wrong? We need to use to grant_type=authorization_code for our application.

dan

Hi folks,

So you need to make sure you request the scope of offline_access in your first request to FusionAuth. That is in the initial request to the authorize endpoint:

http://localhost:9011/oauth2/authorize?client_id=64cbd582-9668-4a93-ad1f-28a78c6b95d3&redirect_uri=http%3A%2F%2Flocalhost%3A3000&response_type=code&scope=offline_access

When you are calling back for the token in your python call, you shouldn't need to specify the scope, it will already be associated with the code that FusionAuth has returned:

from fusionauth.fusionauth_client import FusionAuthClient
import json

code='XspK6zjeqSvXYlkHxrYChBdHM2-nmIjjI8DzbNLGgps'
client_id='64cbd582-9668-4a93-ad1f-28a78c6b95d3'
redirect_uri = 'http://localhost:3000'

client = FusionAuthClient('APIKEY', 'http://localhost:9011')

token = client.exchange_o_auth_code_for_access_token(code,redirect_uri, client_id)

print(json.dumps(token.success_response))
print(json.dumps(token.exception))
print(json.dumps(token.status))

I see the refresh token in the response using this code.

sven.richter86

Great thanks, that solved it.