How to stop Youtube API saving OAuth token in a file?

Question

By a coincidence I found that refresh and access OAuth tokens are stored in roaming folder of a user after successful authorization.

Is there a way to stop doing it?

Also I am just curious - how is it Google thinking its a good approach to store refresh token on a disk? (especially not telling the user about it).

Answer 1

Apparently (after some experimenting) if you don't supply your own data store the API saves it in your Windows roaming folder \AppData\Roaming\Google.Apis.Auth

however if you provide an "empty" data store this wont happen.

here is the code:

UserCredential credential = null;

var ds = new YoutubeDataStore();

using (var stream = new FileStream("client_id.json", FileMode.Open, FileAccess.Read))
{
    credential = await GoogleWebAuthorizationBroker.AuthorizeAsync(
        GoogleClientSecrets.Load(stream).Secrets,
        new[] { YouTubeService.Scope.YoutubeUpload, },
        "user",
        CancellationToken.None, 
        ds
    );
}

Data store:

public class YoutubeDataStore : IDataStore
{
    public Task ClearAsync()
    {
        return Task.FromResult<object>(null);
    }

    public Task DeleteAsync<T>(string key)
    {
        return Task.FromResult<T>(default(T));
    }

    public Task<T> GetAsync<T>(string key)
    {
        return Task.FromResult<T>(default(T));
    }

    public Task StoreAsync<T>(string key, T value)
    {
        return Task.FromResult<T>(default(T));
    }
}

Answer 2

It's 99.99% certain that Google is not storing any tokens anywhere.

The user has authed using an app, so what the app does with those tokens is out of Google's control (unless you are saying that the app was one of Google's). You might want to address the question to the app author.