How do I obtain an Access Token using a refresh token with OAuth2?
318 views
Skip to first unread message
TWagner
Oct 30, 2019, 6:41:19 PM10/30/19
to Guzzle - PHP HTTP client and REST client framework
I am trying to make middleware work with a 2-legged OAuth flow. The server we are connecting to has already authorized our app, and we've been issued a refresh token (which doesn't seem to expire) that we can use to get new access tokens.
From the Service Providers Docs:
From the Service Providers Docs:
Authentication Workflow
The authentication workflow comprises of two steps:
- Use your refresh token to get a client-scoped access token
- Use the client-scoped access token to access resources
For each step, the
Authorizationheader must be present.
The CURL Request would look like this (and it works perfectly on Postman
I've hit a block on Step 1.
curl -XPOST {base_url}/v3/partners/oauth2/token \
-H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \ -F
-F "grant_type=client_credentials" \ -F
-F "client_id=daxko_api_user" \ -F
-F "client_secret=d9a2652cf96d734661c10d5ff2f8061f" \ -F
-F "scope=client:9999"
I've hit a block on Step 1.
As an aside: I've used Postman obtain the Access_token... manually inserted that into kamermans solution and am able to retrieve data.
I've gotten the closest with Kamermans /Guzzle-oath2-subscriber. However, it does not contain the first part of the connection process (e.g., getting the access token using the refresh token- and that deficiency is documented as an issue https://github.com/kamermans/guzzle-oauth2-subscriber
I've also looked league/oauth2 . But there isn't a shred of documentation for grant_type = ClientCredentials
Any pointers would be deeply appreciated!
I've also looked league/oauth2 . But there isn't a shred of documentation for grant_type = ClientCredentials
Any pointers would be deeply appreciated!
Reply all
Reply to author
Forward
0 new messages