Dear Lazyweb,

I have two YouTube accounts, jwz and dnalounge, and I’m using the oauth API with both of them to automate uploads and stuff. With the DNA account, I am getting a refresh_token that lasts forever. But with the jwz one, I am getting a refresh_token that can only refresh the access_token for a week, and then I have to log in again. Any ideas what fuckery is afoot?

The DNA token does this:

GET https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=DNA_ACCESS_TOKEN_1 => access_type => “offline”, audience => “DNA_PROJECT_ID.apps.googleusercontent.com”, expires_in => 3574, issued_to => “DNA_PROJECT_ID.apps.googleusercontent.com”, scope => “https://www.googleapis.com/auth/youtube” POST https://accounts.google.com/o/oauth2/token client_id => “DNA_PROJECT_ID.apps.googleusercontent.com”, client_secret => “DNA_CLIENT_SECRET”, grant_type => “refresh_token”, refresh_token => “DNA_REFRESH_TOKEN” result: access_token => “DNA_ACCESS_TOKEN_2”, expires_in => 3599, scope => “https://www.googleapis.com/auth/youtube”, token_type => “Bearer” token expiration 0:00:59:34 => 0:00:59:59

but the jwz token does this:

GET https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=JWZ_ACCESS_TOKEN_1 => access_type => “offline”, audience => “JWZ_PROJECT_ID.apps.googleusercontent.com”, expires_in => 3413, issued_to => “JWZ_PROJECT_ID.apps.googleusercontent.com” scope => “https://www.googleapis.com/auth/youtube”, POST https://accounts.google.com/o/oauth2/token client_id => “JWZ_CLIENT_ID”, client_secret => “JWZ_CLIENT_SECRET”, grant_type => “refresh_token”, refresh_token => “JWZ_REFRESH_TOKEN” result: access_token => “JWZ_ACCESS_TOKEN_2”, expires_in => 3599, refresh_token_expires_in => 201701 scope => “https://www.googleapis.com/auth/youtube”, token_type => “Bearer”, token expiration 0:00:56:53 => 0:00:59:59 refresh expires in 2:00:01:41

Maybe I’m logging in wrong? I log in with user/pass/TOTP “jwz@jwz.org” which takes me to the channel “@yesthatjwz” then I load:

https://accounts.google.com/o/oauth2/auth?client\_id=*JWZ\_PROJECT\_ID*.apps.googleusercontent.com&redirect\_uri=https://localhost&response\_type=code&scope=https://www.googleapis.com/auth/youtube&access\_type=offline

and it asks me to choose my “brand” account. There are three listed: “DNA Lounge”, “yesthatjwz”, and another “jwz” account. The selection that works is the “yestthatjwz” one. The mystery account is @alsojwz1853 and I don’t know why it exists but I’m afraid to delete it in case that breaks something.

When I sign in with “jwz@jwz.org”, it takes me directly to my real channel, @yesthatjwz.

When I sign in with: “yesthatjwz” or “youtube@jwz.org” or “yesthatjwz@jwz.org”, it asks me to select a channel: @yesthatjwz or “also jwz” @alsojwz1853.

Trying to sign in with “alsojwz1853” says “could not find your account”.

Another clue: both the “DNA Lounge” and “yesthatjwz” accounts work with or without at-signs, /dnalounge, /@dnalounge, /yesthatjwz and /@yesthatjwz, but the other one only works as /@alsojwz1853, not as /alsojwz1853. Maybe because they are old accounts that pre-date YouTube being purchased by Google? Another difference is that the thing in console.cloud.google.com/auth/clients/*_PROJECT_ID for DNA is an “iOS client” created in 2014, but for “jwz” is a “Desktop client” created in 2024. There don’t seem to be any settings.

But I still don’t understand why the DNA and jwz accounts have different behavior.

Previously, previously, previously, previously.

From jwz via this RSS feed