phpoauthuber-api

How to renew access token with OAuth Refresh token?


I'm creating simple app for Uber.
And I've already solved 3 steps from this API: https://developer.uber.com/docs/authentication
But now I want to refresh token (step 5).
I receive access_token, refresh_token, expires_in values, and I can't understand how to set up timer to refresh user's token with refresh_token when the expires_in time expire.
Here I provide my example of code, where I want to renew access token with refresh_token.

<?php
session_start();

require_once 'uber_b.php';
require_once 'config.php';


if(isset($_GET['code'])) {
// try to get an access token
$code = $_GET['code'];
$url = 'https://login.uber.com/oauth/token';

/* 
* Create row for function setPostData (uber_b.php)
* All of this rows will be used to build our request
*/
$params = array(
    "code" => $code,
    "client_id" => $client_id,
    "client_secret" => $client_secret,
    "redirect_uri" => $redirect,
    "grant_type" => "authorization_code"
);
//create example of class
$request = new HttpPost($url);
//Connect this class with our settings
$request->setPostData($params);
//Send our request to Uber
$request->send(); 
//Receive response
$responseObj = json_decode($request->getHttpResponse());
//Execute parameters from answer
$user_token = $responseObj->access_token;
//Refresh token 
$refresh_token = $responseObj->refresh_token;
//Time for token
$expires_in = $responseObj->expires_in;

echo "User's token: " . $user_token;
echo "<br>";
echo "Refresh token is: " .$refresh_token ;
echo "<br>";
echo "Time: ".$expires_in;
echo "<br>";
echo "<a href='order.php'>Order a car</a>";
}

//Refresh token
if(isset($responseObj))
{
        $exp_time = time()+2592000;
        try {
            //insert into database
            $stmt = $db->prepare('INSERT INTO token2 (exp_time)
                                      VALUES (:exp_time)
                                    ');
            $stmt->execute(array(
                ':exp_time' => $exp_time
            ));             
        } catch(PDOException $e) {
            echo $e->getMessage();
        }
}
if(time() >= $exp_time)
{
//Parameters for Uber refresh token request(step 5)
$r_params = array(
    "client_id" => $client_id,
    "client_secret" => $client_secret,
    "redirect_uri" => $redirect,
    "grant_type" => "refresh_token",
    "refresh_token" => $refresh_token
    );
 $r_request = new RefreshToken($url);

 $r_request->setPostData($r_params);
 $r_request->send(); 
 $refresh = $refresh_token;
 $r_responseObj = json_decode($r_request->Refresh());

echo "New Refresh token: " . $r_responseObj->refresh_token;
echo "<br>";
}
?>

As you see, I don't provide timer function, because I don't understand how to make it right.
So, can you explain me how to correctly renew access_token using refresh_token?
Maybe I have to use setcookie(), or something else to solve this task?


Solution

  • tl;dr You don't need a timer, you need to check before each HTTP request to the Uber API that the access token is still valid.
    To do this, you need to persist the token details + UNIX timestamp.