After an upgrade from Drupal 8.2 to 8.3, and an upgrade of this module from 8.x-2.0-alpha2 to 8.x-2.0-rc3, refresh tokens no longer work. The following message is returned:
"The provided authorization grant (e.g., authorization code, resource owner credentials) or refresh token is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client.
Check the configuration to see if the grant is enabled."
In case someone else comes across this and spends hours trying to figure out why, the issue is resolved by editing and saving the Client config (even if you make no changes) at admin/config/people/simple_oauth/oauth2_client/nnn/edit
Also, there is now a setting for expiration time for refresh tokens at admin/config/people/simple_oauth. I am not sure if this has a default setting but better to set an expiration time yourself anyway.
Just logging this issue to potentially save someone some time in the future.
Comments
Comment #2
Bagz commentedComment #4
raphael apard commentedYou have to enable Simple OAuth Extras module to get the refresh_token grant