When you've stored an OAuth2 access/refresh token couple for a long time, you might not be sure what scopes it was giving access to.

In that case, just pass the access token to the tokeninfo endpoint :

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=XXXXX

The output looks like this :

{
"issued_to": "407408718192.apps.googleusercontent.com",
"audience": "407408718192.apps.googleusercontent.com",
"user_id": "1170123456778279183758",
"scope": "https://www.googleapis.com/auth/userinfo.email",
"expires_in": 3585,
"email": "[email protected]",
"verified_email": true,
"access_type": "offline"
}

Of course you can also do this with a library. In Java :

Oauth2 oauth2 = new Oauth2.Builder(new NetHttpTransport(), new JacksonFactory(), null)
.setApplicationName(ProbeClient.APPLICATION_NAME)
.build();
return oauth2.tokeninfo().setAccessToken(yourAccessToken).execute();

You'll need the following dependency :

<dependency>
            <groupId>com.google.apis</groupId>
            <artifactId>google-api-services-oauth2</artifactId>
            <version>v1-rev76-1.18.0-rc</version>
</dependency>