I needed to send mails from a gmail account that I have access to, using nodemailer. It works for a couple of days before my refresh token is mysteriously revoked, even though the account belongs to me. A google search brought me here and I had been watching for a while hoping someone would help with a solution.
As you mentioned, this seems to happen with only test/unverified apps and I'm guessing google revokes tokens for such applications in your account after a few days. After much trials and errors, here is what I did.
NOTE: This is solution is only applicable to accounts you own, otherwise you must verify your app to access other people's accounts
- Generate a new refresh token (existing one is most likely revoked) as described in this SO post
- Go to the security tab of your google account dashboard
- Under the Recent security activity section, you should see a security alert for your app.
- Click on the context menu next to the notification and click DISMISS
- At this point you'll be presented with a dialog of options where you indicate the level of trust you have for the app. I just went ahead and said I trusted the developer/app, obviously. And that's it! The refresh token should persist after this.
I could not find anything related anywhere else. So, please, accept this answer if it works for you. It might help someone else
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
