Skip to content
Advertisement

LinkedIn API OAuth refresh token

I am using LinkedIn API to pull updates from there and display on the website. While using OAuth, I am storing the token in a file and then pull it from there again to prevent the login popup. However, I am not clear once my token expires how will it get refreshed. Following is how I am reading the token from the file –

        $config = json_decode(file_get_contents(".service.dat"));
        if( isset($config->key) && isset($config->secret) ) {
            $this->access_token = new OAuthConsumer($config->key, $config->secret);
        } 

For authentication I have following to get request token –

function getRequestToken()
{
    $consumer = $this->consumer;
    $request = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $this->request_token_path);
    $request->set_parameter("oauth_callback", $this->oauth_callback);
    $request->sign_request($this->signature_method, $consumer, NULL);
    $headers = Array();
    $url = $request->to_url();
    $response = $this->httpRequest($url, $headers, "GET");
    parse_str($response, $response_params);
    $this->request_token = new OAuthConsumer($response_params['oauth_token'], $response_params['oauth_token_secret'], 1);
}

After generating token, I am generting authorize url:

function generateAuthorizeUrl()
{
    $consumer = $this->consumer;
    $request_token = $this->request_token;
    return $this->authorize_path . "?oauth_token=" . $request_token->key;
}

LinkedIn documentation states following about refresh token:

Refreshing an access token is very simple and can happen without an authorization dialog appearing for the user. In other words, it’s a seamless process that doesn’t affect your application’s user experience. Simply have your application go through the authorization flow in order to fetch a new access token with an additional 60 day life span.

I am not clear what that means. If I have to redo all the way from obtaining request token again then wouldn’t that require me to make http request again and having to popup the login screen? How do I avoid it? Will appreciate suggestion.

Thanks.

Advertisement

Answer

Found out. Authorization URL:

https://www.linkedin.com/oauth/v2/authorization

followed by the access token url:

https://www.linkedin.com/oauth/v2/accessToken

was all that I really had to do (passing with the right parameters).

User contributions licensed under: CC BY-SA
2 People found this is helpful
Advertisement