Method: refreshToken

Refreshes a payment token's expiration date.

Token refresh happens when a token has expired, is near expiry, or when Google chooses to refresh based on risk profiles. The user is reauthenticated prior to calling this method. The authenticationRequestId that is passed contains the proof of authentication. The googlePaymentToken (GPT) is passed as well. A successful response to this call extends the GPT's expiry date.

If Google sends a GPT that the integrator has never associated before, then it throws an error.

An example request looks like:


{
  "requestHeader": {
    "protocolVersion": {
      "major": 2
    },
    "requestId": "bhHmmdHHvbeY",
    "requestTimestamp": {
      "epochMillis": "1481899949606"
    },
    "paymentIntegratorAccountId": "InvisiCashUSA_USD"
  },
  "authenticationRequestId": "dGVzdHRva2VuZnJvbWdvb2dsZQ==",
  "googlePaymentToken": "ZXhhbXBsZSB1bmlxdWUgcGF5bWVudCB0b2tlbiB2YWx1ZQ"
}

An example response looks like:


{
  "responseHeader": {
    "responseTimestamp": {
      "epochMillis": "1481900013178"
    },
    "requestId": "bhHmmdHHvbeY"
  },
  "tokenExpirationTime": {
    "epochMillis": "1481901824177"
  },
  "result": {
    "success": {}
  }
}

HTTP request

POST https://www.integratordomain.com/v2/refreshToken

Request body

The request body contains data with the following structure:

JSON representation
{
  "requestHeader": {
    object (RequestHeader)
  },
  "googlePaymentToken": string,

  // Union field account_verification can be only one of the following:
  "authenticationRequestId": string,
  "otpVerification": {
    object (OtpVerification)
  }
  // End of list of possible types for union field account_verification.
}
Fields
requestHeader

object (RequestHeader)

REQUIRED: Common header for all requests.

googlePaymentToken

string

REQUIRED: This is the token to be refreshed. This will not be a new token, but an existing token that has already been established via associateAccount. If the token is unknown a status of FAILED_PRECONDITION should be returned.

Union field account_verification.

account_verification can be only one of the following:

authenticationRequestId

string

requestId of the authentication request that preceded this call. This is only present if the user went through the Android app or web authentication paths.

otpVerification

object (OtpVerification)

Data necessary to verify an OTP generated from sendOtp. This is only present if the user went through the sendOtp path.

Response body

If successful, the response body contains data with the following structure:

Response object for the refresh token method.

JSON representation
{
  "responseHeader": {
    object (ResponseHeader)
  },
  "tokenExpirationTime": {
    object (Timestamp)
  },
  "result": {
    object (RefreshTokenResult)
  }
}
Fields
responseHeader

object (ResponseHeader)

REQUIRED: Common header for all responses.

tokenExpirationTime

object (Timestamp)

OPTIONAL: Timestamp when the token expires.

result

object (RefreshTokenResult)

REQUIRED: Result of this call.

RefreshTokenResult

JSON representation
{

  // Union field result can be only one of the following:
  "success": {
    object (Empty)
  },
  "userAuthenticationFailed": {
    object (Empty)
  },
  "otpNotMatched": {
    object (Empty)
  },
  "otpAlreadyUsed": {
    object (Empty)
  },
  "accountClosed": {
    object (Empty)
  },
  "accountClosedAccountTakenOver": {
    object (Empty)
  },
  "accountClosedFraud": {
    object (Empty)
  }
  // End of list of possible types for union field result.
}
Fields

Union field result.

result can be only one of the following:

success

object (Empty)

Successful association.

userAuthenticationFailed

object (Empty)

Even though the account authentication bundle was returned, the user authentication failed.

otpNotMatched

object (Empty)

OTP did not match what the integrator sent.

otpAlreadyUsed

object (Empty)

OTP was already used.

accountClosed

object (Empty)

The user's account held with the integrator has been closed.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.

accountClosedAccountTakenOver

object (Empty)

The user's account with the integrator has been closed, suspected account take over.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.

accountClosedFraud

object (Empty)

The user's account held with the integrator has been closed because of fraud.

Returning this value will cause the user's instrument to be closed with Google. The user will be forced to add a new instrument by going through the association flow again.