RevokeRefreshToken does not revoke token

[dstorrence]

When attempting to revoke the refresh token with OAuth2ProviderForApplications.RevokeRefreshToken(), I do not receive any errors, yet the application remains in the permissions list (https://myaccount.google.com/permissions)

According to the method description, the token must be generated in "Offline Mode". When using the provider OAuth2ProviderForApplications, the default value for IsOffline is "true" so that suggests that it's already set to offline.

I have been using the same code for several months with success, but it didn't fail until I recently updated to the latest libraries.

Please let me know if more information is required.

[dstorrence]

I also wanted to mention a few things:

1. If I execute the method for a refresh token, then attempt to execute on the same token again, I receive an error that it has already been revoked.

2. My two scenarios for testing have been to include the Access Token, as well as exclude it. In both scenarios, it's the same result, where my credentials remain in the permissions list.

3. After I upgraded to the newest versions of the libraries, I changed the provider to begin using the "Config" object for the credentials. I've confirmed that the Refresh and Access tokens appear in the "Config" object, as well as the properties RefreshToken and AccessToken (when appropriate)

[groverp93]

I am also facing the same issue.
Please suggest the solution for this problem.

[jradcliff]

@christopherseeley , assigning over to you. Could please take a look?

Thanks,
Josh

[christopherseeley]

Fixed in 24.4.0

[dstorrence]

@christopherseeley Is there a new way to revoke? Now I receive the following error, with my existing code:

"Failed to revoke refresh token."

Still using the method Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RevokeRefreshToken()

I build the AdWordsAppConfig object and pass it in to a new OAuth2ProviderForApplications as the parameter, before I issue the RevokeRefreshToken method.

The Error property of the exception has the following:

{Error:"invalid_request", Description:"Bad Request", Uri:""}

[dstorrence]

Here's the full stack trace:

at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RevokeRefreshToken()
[Redacted - My method]
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RevokeRefreshToken(String refreshToken)
at Google.Api.Ads.Common.OAuth.AdsOAuthProviderImpl.RevokeRefreshToken()
at Google.Apis.Auth.OAuth2.Flows.GoogleAuthorizationCodeFlow.d__23.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Google.Apis.Auth.OAuth2.UserCredential.d__17.MoveNext()

@jradcliff @christopherseeley

[dstorrence]

@jradcliff @christopherseeley

Found the issue. The method now requires the access and refresh tokens to be supplied. Previously, it worked with just the refresh token.

Code adjusted and I'm able to successfully revoke, now.