I am using LinkedIn API to pull updates from there and display on the website. While using OAuth, I am storing the token in a file and then pull it from there again to prevent the login popup. However, I am not clear once my token expires how will it get refreshed. Following is how I am reading the token from the file –
$config = json_decode(file_get_contents(".service.dat")); if( isset($config->key) && isset($config->secret) ) { $this->access_token = new OAuthConsumer($config->key, $config->secret); }
For authentication I have following to get request token –
function getRequestToken() { $consumer = $this->consumer; $request = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", $this->request_token_path); $request->set_parameter("oauth_callback", $this->oauth_callback); $request->sign_request($this->signature_method, $consumer, NULL); $headers = Array(); $url = $request->to_url(); $response = $this->httpRequest($url, $headers, "GET"); parse_str($response, $response_params); $this->request_token = new OAuthConsumer($response_params['oauth_token'], $response_params['oauth_token_secret'], 1); }
After generating token, I am generting authorize url:
function generateAuthorizeUrl() { $consumer = $this->consumer; $request_token = $this->request_token; return $this->authorize_path . "?oauth_token=" . $request_token->key; }
LinkedIn documentation states following about refresh token:
Refreshing an access token is very simple and can happen without an authorization dialog appearing for the user. In other words, it’s a seamless process that doesn’t affect your application’s user experience. Simply have your application go through the authorization flow in order to fetch a new access token with an additional 60 day life span.
I am not clear what that means. If I have to redo all the way from obtaining request token again then wouldn’t that require me to make http request again and having to popup the login screen? How do I avoid it? Will appreciate suggestion.
Thanks.
Advertisement
Answer
Found out. Authorization URL:
https://www.linkedin.com/oauth/v2/authorization
followed by the access token url:
https://www.linkedin.com/oauth/v2/accessToken
was all that I really had to do (passing with the right parameters).