13

I am using LinkedIn API to pull updates from there and display on the website. While using OAuth, I am storing the token in a file and then pull it from there again to prevent the login popup. However, I am not clear once my token expires how will it get refreshed. Following is how I am reading the token from the file -

        $config = json_decode(file_get_contents(".service.dat"));
        if( isset($config->key) && isset($config->secret) ) {
            $this->access_token = new OAuthConsumer($config->key, $config->secret);
        }

For authentication I have following to get request token -

function getRequestToken()
{
    $consumer = $this->consumer;
    $request = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $this->request_token_path);
    $request->set_parameter("oauth_callback", $this->oauth_callback);
    $request->sign_request($this->signature_method, $consumer, NULL);
    $headers = Array();
    $url = $request->to_url();
    $response = $this->httpRequest($url, $headers, "GET");
    parse_str($response, $response_params);
    $this->request_token = new OAuthConsumer($response_params['oauth_token'], $response_params['oauth_token_secret'], 1);
}

After generating token, I am generting authorize url:

function generateAuthorizeUrl()
{
    $consumer = $this->consumer;
    $request_token = $this->request_token;
    return $this->authorize_path . "?oauth_token=" . $request_token->key;
}

LinkedIn documentation states following about refresh token:

Refreshing an access token is very simple and can happen without an authorization dialog appearing for the user. In other words, it's a seamless process that doesn't affect your application's user experience. Simply have your application go through the authorization flow in order to fetch a new access token with an additional 60 day life span.

I am not clear what that means. If I have to redo all the way from obtaining request token again then wouldn't that require me to make http request again and having to popup the login screen? How do I avoid it? Will appreciate suggestion.

Thanks.

Improve this question

4 Answers 4

Reset to default
2

Found out. Authorization URL:

https://www.linkedin.com/oauth/v2/authorization

followed by the access token url:

https://www.linkedin.com/oauth/v2/accessToken

was all that I really had to do (passing with the right parameters).

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

There is also a endpoint to refresh the token once it expire, here is the documentation of the way to do it: https://learn.microsoft.com/en-us/linkedin/shared/authentication/programmatic-refresh-tokens

Improve this answer

Comments

0

If You go through the documentation

Linkedin does not provide refresh token you need to again go through the workflow.

Here is the Short Explanation:

To refresh an Access Token, simply go through the authorization process outlined in this document again to fetch a new token. During the refresh workflow, provided the following conditions are met, the authorization dialog portion of the flow is automatically skipped and the user is redirected back to your callback URL, making acquiring a refreshed access token a seamless behind-the-scenes user experience

Refresh your Access Tokens

Improve this answer

1 Comment

While it is OK for an answer to contain links for reference the answer itself should at least contain a basic explanation.
0

There is a simple example how you can refresh your token:

public async Task<LinkedInTokenResponse> RefreshToken(string yourRefreshToken, CancellationToken cancellationToken)
 {
     var client = new HttpClient();
     var request = new HttpRequestMessage(HttpMethod.Post, "https://www.linkedin.com/oauth/v2/accessToken");

     var parameters = new Dictionary<string, string>
     {
         { "grant_type", "refresh_token" },
         { "refresh_token", yourRefreshToken },
         { "client_id", _linkedInApplicationSettings.ClientId },
         { "client_secret", _linkedInApplicationSettings.PrimaryClientSecret }
     };

     request.Content = new FormUrlEncodedContent(parameters);

     var response = await client.SendAsync(request, cancellationToken);
     var responseContent = await response.Content.ReadAsStringAsync(cancellationToken);
     response.EnsureSuccessStatusCode();

     var tokenResponse = JsonConvert.DeserializeObject<LinkedInTokenResponse>(responseContent);

     return tokenResponse;
 }

public class LinkedInTokenResponse
{
    [JsonProperty("access_token")]
    public string AccessToken { get; set; }

    [JsonProperty("expires_in")]
    public int AccessTokenExpiresIn { get; set; }

    [JsonProperty("refresh_token")]
    public string RefreshToken { get; set; }

    [JsonProperty("refresh_token_expires_in")]
    public int RefreshTokenExpiresIn { get; set; }
}
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.