"This app would like to: Have offline access" when access_type=online

google-oauth oauth-2.0

Solution 1:

I think G does this when your app requests a token and there is still a valid access or refresh token for the user for the scopes in question.

The solution is to revoke tokens when you're done with them (either on user logout or immediately after authenticating the user) by issuing this request:

https://accounts.google.com/o/oauth2/revoke?token={token}

You don't have to provide any app credentials, just the token as a URL argument.

(docs here https://developers.google.com/accounts/docs/OAuth2WebServer#tokenrevoke)

I had the same problem and no combination of access_type or approval_prompt values seemed to solve it. Revoking the token did the trick.

I'm not sure how to revoke all outstanding tokens for your app, unless you happened to store them. To test with your own user account, you can manually revoke the existing token for your app here:

https://security.google.com/settings/security/permissions

Solution 2:

UPDATE:

The Scope for E-mail is now

email

Legacy Google+ APIs have been shut down as of March 7, 2019. Scopes previously requested by your apps may now be deprecated or invalid. Developers should update their code to remove or update references to Google+, Google+ APIs, and any related OAuth scopes. source: https://developers.google.com/+/scopes-shutdown

-- OLD ANSWER --

Google recently changed the Scope for Email. You should replace

https://www.googleapis.com/auth/userinfo.email

with:

https://www.googleapis.com/auth/plus.profile.emails.read

and:

https://www.googleapis.com/auth/plus.login

Then the offline access should disappear.

See also:

https://developers.google.com/+/api/oauth#email

Warning: This scope is deprecated. Google will no longer support this scope after Sept. 1, 2014. For details, see Migrating to Google+ Sign-In.

This also changes the way the email address is received:

https://developers.google.com/+/api/auth-migration#email

Also keep in mind that you have to activate the Google+ API in your management console in order for this to work.

Solution 3:

Using http://localhost in the redirect_url parameter of the OAuth request will cause the user to be asked to grant offline access the first time they authenticate after each login.

Solution 4:

Tzach. In order to not prompt the consent screen after first login. You may need this to pass the value to the function :

$client->setApprovalPrompt ("auto");

Related

Saying that the mail has an attached form filled up by me?
Should I say "more exact"/"more precise"?
How to say "mix of two language" in a bad meaning
A word to describe an empathetic employee in regards to their business
Is "yearslong" a word?
Is "back the hall" accepted usage?
Grant privileges on future tables in PostgreSQL?
Is this a predicative adjunct?
The difference between "anyway" and "any way"
Etymology of "Mother Nature" and "Father Time"
Adjective describing someone who is in constant communication with someone else?
Is "snoot" really a word? Where did it originate?