By a coincidence I found that refresh and access OAuth tokens are stored in roaming folder of a user after successful authorization.
Is there a way to stop doing it?
Also I am just curious - how is it Google thinking its a good approach to store refresh token on a disk? (especially not telling the user about it).
Apparently (after some experimenting) if you don't supply your own data store the API saves it in your Windows roaming folder \AppData\Roaming\Google.Apis.Auth
however if you provide an "empty" data store this wont happen.
here is the code:
UserCredential credential = null;
var ds = new YoutubeDataStore();
using (var stream = new FileStream("client_id.json", FileMode.Open, FileAccess.Read))
{
credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
GoogleClientSecrets.Load(stream).Secrets,
new[] { YouTubeService.Scope.YoutubeUpload, },
"user",
CancellationToken.None,
ds
);
}
Data store:
public class YoutubeDataStore : IDataStore
{
public Task ClearAsync()
{
return Task.FromResult<object>(null);
}
public Task DeleteAsync<T>(string key)
{
return Task.FromResult<T>(default(T));
}
public Task<T> GetAsync<T>(string key)
{
return Task.FromResult<T>(default(T));
}
public Task StoreAsync<T>(string key, T value)
{
return Task.FromResult<T>(default(T));
}
}