Thursday, July 27, 2017

LinkedIn API OAuth refresh token

Leave a Comment

I am using LinkedIn API to pull updates from there and display on the website. While using OAuth, I am storing the token in a file and then pull it from there again to prevent the login popup. However, I am not clear once my token expires how will it get refreshed. Following is how I am reading the token from the file -

        $config = json_decode(file_get_contents(".service.dat"));         if( isset($config->key) && isset($config->secret) ) {             $this->access_token = new OAuthConsumer($config->key, $config->secret);         }  

For authentication I have following to get request token -

function getRequestToken() {     $consumer = $this->consumer;     $request = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $this->request_token_path);     $request->set_parameter("oauth_callback", $this->oauth_callback);     $request->sign_request($this->signature_method, $consumer, NULL);     $headers = Array();     $url = $request->to_url();     $response = $this->httpRequest($url, $headers, "GET");     parse_str($response, $response_params);     $this->request_token = new OAuthConsumer($response_params['oauth_token'], $response_params['oauth_token_secret'], 1); } 

After generating token, I am generting authorize url:

function generateAuthorizeUrl() {     $consumer = $this->consumer;     $request_token = $this->request_token;     return $this->authorize_path . "?oauth_token=" . $request_token->key; } 

LinkedIn documentation states following about refresh token:

Refreshing an access token is very simple and can happen without an authorization dialog appearing for the user. In other words, it's a seamless process that doesn't affect your application's user experience. Simply have your application go through the authorization flow in order to fetch a new access token with an additional 60 day life span.

I am not clear what that means. If I have to redo all the way from obtaining request token again then wouldn't that require me to make http request again and having to popup the login screen? How do I avoid it? Will appreciate suggestion.

Thanks.

1 Answers

Answers 1

Found out. Authorization URL:

https://www.linkedin.com/oauth/v2/authorization

followed by the access token url:

https://www.linkedin.com/oauth/v2/accessToken

was all that I really had to do (passing with the right parameters).

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment