OAuth2Refresh

Typecommand
Dictionarylibrary.oauth2
LibraryOAuth2 Library
Syntax
OAuth2Refresh <pTokenURL>,<pClientID>,<pClientSecret>,<pRefreshToken>,<pPort>
Associationscom.livecode.library.oauth2
Summary

Obtain a new authorization token using a refresh token

Parameters
NameTypeDescription
pTokenURL

The URL to obtain the authorization token from once an authorization code is sent to the redirect uri. This can be obtained from the API documentation of the service being authorized.

pClientID

The application client ID obtained when setting up your application with the web service.

pClientSecret

The application client secret obtained when setting up your application with the web service.

pRefreshToken

The refresh token obtained from a previous OAuth 2 authorization.

pPort

The port to use for the redirect uri. It is recommended to use the range 49152-65535.

Example
constant kTokenURL = "https://www.googleapis.com/oauth2/v4/token"
constant kClientID = "XXXXXXXXXXXXXXXXXXXXXXX"
constant kClientSecret = "XXXXXXXXXXXXXXXXXXXXXXX"

local sAuth

private command __RefreshAuth
   if sAuth is not an array then
      return "No authorization info available" for error
   end if

   OAuth2Refresh kTokenURL, kClientID, kClientSecret, sAuth["refresh_token"], 59004
   if the result is empty then
      put it into sAuth
   else
      return "Not authorized" for error
   end if

   set the httpHeaders to "Authorization: Bearer "& sAuth["access_token"]
   return empty for error
end __RefreshAuth
Values
NameTypeDescription
It

An array containing the parsed JSON data returned by the token url

The result

An error string if an error occurred during authorization

Description

Access tokens have limited lifetimes. If your application needs access to an API beyond the lifetime of a single access token, it can obtain a refresh token. A refresh token allows your application to obtain new access tokens.

Note: Save refresh tokens in secure long-term storage and continue to use them as long as they remain valid. Limits apply to the number of refresh tokens that are issued per client-user combination, and per user across all clients, and these limits are different. If your application requests enough refresh tokens to go over one of the limits, older refresh tokens stop working.