Method: refreshToken

Refreshes a payment token's expiration date.

Token refresh happens when a token has expired, is near expiry, or when Google chooses to refresh based on risk profiles. The user is reauthenticated prior to calling this method. The authenticationRequestId that is passed contains the proof of authentication. The googlePaymentToken (GPT) is passed as well. A successful response to this call extends the GPT's expiry date.

If Google sends a GPT that the integrator has never associated before, then it throws an error.

An example request looks like:


{
  "requestHeader": {
    "protocolVersion": {
      "major": 1,
      "minor": 0,
      "revision": 0
    },
    "requestId": "bhHmmdHHvbeY",
    "requestTimestamp": 1481899949606
  },
  "authenticationRequestId": "dGVzdHRva2VuZnJvbWdvb2dsZQ==",
  "googlePaymentToken": "ZXhhbXBsZSB1bmlxdWUgcGF5bWVudCB0b2tlbiB2YWx1ZQ"
}

An example response looks like:


{
  "responseHeader": {
    "responseTimestamp": 1481900013178
  },
  "paymentIntegratorRefreshTokenId": "iuKndnVzaCB0b2tlbiYYke=",
  "tokenExpirationTime": 1481901824177,
  "result": "SUCCESS"
}

HTTP request

POST https://www.integratordomain.com/v1/refreshToken

Request body

The request body contains data with the following structure:

JSON representation
{
  "requestHeader": {
    object (RequestHeader)
  },
  "googlePaymentToken": string,

  // Union field account_verification can be only one of the following:
  "authenticationRequestId": string,
  "otpVerification": {
    object (OtpVerification)
  }
  // End of list of possible types for union field account_verification.
}
Fields
requestHeader

object (RequestHeader)

REQUIRED: Common header for all requests.

googlePaymentToken

string

REQUIRED: This is the token to be refreshed. This will not be a new token, but an existing token that has already been established via associateAccount. If the token is unknown a status of FAILED_PRECONDITION should be returned.

Union field account_verification.

account_verification can be only one of the following:

authenticationRequestId

string

OPTIONAL: requestId of the authentication request that preceded this call. This is only present if the user went through the Android app or web authentication paths.

otpVerification

object (OtpVerification)

OPTIONAL: Data necessary to verify an OTP generated from sendOtp. This is only present if the user went through the sendOtp path.

Response body

If successful, the response body contains data with the following structure:

Response object for the refresh token method.

JSON representation
{
  "responseHeader": {
    object (ResponseHeader)
  },
  "paymentIntegratorRefreshTokenId": string,
  "tokenExpirationTime": string,
  "userMessage": string,
  "result": enum (RefreshTokenResultCode)
}
Fields
responseHeader

object (ResponseHeader)

REQUIRED: Common header for all responses.

paymentIntegratorRefreshTokenId

string

OPTIONAL: This identifier is specific to the integrator and is generated by the integrator. It is used for debugging purposes only in order to identify this call. This is the identifier that the integrator knows this call by.

tokenExpirationTime

string (int64 format)

OPTIONAL: Milliseconds since epoch when the token expires. Use 0 to signal the token does not expire.

userMessage
(deprecated)

string

OPTIONAL: A description of the result to be displayed to the user if the result is not SUCCESS.

result

enum (RefreshTokenResultCode)

REQUIRED: Result of this call.

RefreshTokenResultCode

Result codes for refresh token.

Enums
UNKNOWN_RESULT Do not ever set this default value!
SUCCESS Successful association.
USER_AUTHENTICATION_FAILED Even though the account authentication bundle was returned, the user authentication failed.
CONTACT_INTEGRATOR

User must contact the integrator.

OTP_NOT_MATCHED OTP did not match what the integrator sent.
OTP_ALREADY_USED OTP was already used.
ACCOUNT_CLOSED

The user's account held with the integrator has been closed.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.

ACCOUNT_CLOSED_ACCOUNT_TAKEN_OVER

The user's account with the integrator has been closed, suspected account take over.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.

ACCOUNT_CLOSED_FRAUD

The user's account held with the integrator has been closed because of fraud.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.