Some integrators expect their payment tokens to expire. In this situation, as the token nears its expiration, Google will authenticate the user again and extend the token's expiration. This is called the refresh token flow, or re-association flow. During this flow, the integrator tells Google when the payment token expires.
How the flow works
If a token has expired, or is about to expire, this flow will go through the process of renewing the expiry date.
Refresh Token Flow
Here is a list of the object represented in the diagram above:
- Google Server: The backend server at Google that sends the capture command to the Payment Integrator Server.
- Payment Integrator Server: The backend server of the integrator that accepts the request for a funds capture.
In this flow, the token either has expired or is near expiry. The action begins with the Payment Integrator Server.
- The Payment Integrator Server tells the Google Server that the token has expired or is about to expire.
- The Google Server sends a
refreshTokenmessage to the Payment Integrator Server. This includes the
GPTas proof of authentication.
- The Payment Integrator Server refreshes the token with a new expiry date. This may occur whether the original token has expired or not.
- The Payment Integrator Server sends the Google Server a Success message.
Best practices and other considerations
googlePaymentToken sent to the Payment Integrator Server will not be a new token, but an existing token that has already been established via
associateAccount. If the token is unknown an error message of
FAILED_PRECONDITION should be returned.