Sample code for 30+ languages & platforms
Delphi ActiveX

Automatically Refresh Token for 401 Unauthorized

See more Google Calendar Examples

Demonstrates how to automatically refresh an access token (without user interaction) when the token expires and a 401 Unauthorized response is received.

Chilkat Delphi ActiveX Downloads

Delphi ActiveX
uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
success: Integer;
tokenFilePath: WideString;
jsonToken: TChilkatJsonObject;
http: TChilkatHttp;
jsonResponse: WideString;
oauth2: TChilkatOAuth2;
sbJson: TChilkatStringBuilder;

begin
success := 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

tokenFilePath := 'qa_data/tokens/googleCalendar.json';

// Get our current access token.
jsonToken := TChilkatJsonObject.Create(Self);
success := jsonToken.LoadFile(tokenFilePath);
if (jsonToken.HasMember('access_token') = 0) then
  begin
    Memo1.Lines.Add('No access token found.');
    Exit;
  end;
http := TChilkatHttp.Create(Self);
http.AuthToken := jsonToken.StringOf('access_token');

jsonResponse := http.QuickGetStr('https://www.googleapis.com/calendar/v3/users/me/calendarList');
if (http.LastMethodSuccess <> 1) then
  begin

    if (http.LastStatus <> 401) then
      begin
        Memo1.Lines.Add(http.LastErrorText);
        Memo1.Lines.Add('----');
        Memo1.Lines.Add(http.LastResponseBody);
        Exit;
      end;

    // The access token must've expired. 
    // Refresh the access token and then retry the request.
    oauth2 := TChilkatOAuth2.Create(Self);

    oauth2.TokenEndpoint := 'https://www.googleapis.com/oauth2/v4/token';

    // Replace these with actual values.
    oauth2.ClientId := 'GOOGLE-CLIENT-ID';
    oauth2.ClientSecret := 'GOOGLE-CLIENT-SECRET';

    // Get the "refresh_token"
    oauth2.RefreshToken := jsonToken.StringOf('refresh_token');

    // Send the HTTP POST to refresh the access token..
    success := oauth2.RefreshAccessToken();
    if (success <> 1) then
      begin
        Memo1.Lines.Add(oauth2.LastErrorText);
        Exit;
      end;

    // The response contains a new access token, but we must keep
    // our existing refresh token for when we need to refresh again in the future.
    jsonToken.UpdateString('access_token',oauth2.AccessToken);

    // Save the new JSON access token response to a file.
    sbJson := TChilkatStringBuilder.Create(Self);
    jsonToken.EmitCompact := 0;
    jsonToken.EmitSb(sbJson.ControlInterface);
    sbJson.WriteFile(tokenFilePath,'utf-8',0);

    Memo1.Lines.Add('OAuth2 authorization granted!');
    Memo1.Lines.Add('New Access Token = ' + oauth2.AccessToken);

    // re-try the original request.
    http.AuthToken := oauth2.AccessToken;
    jsonResponse := http.QuickGetStr('https://www.googleapis.com/calendar/v3/users/me/calendarList');
    if (http.LastMethodSuccess <> 1) then
      begin
        Memo1.Lines.Add(http.LastErrorText);
        Exit;
      end;
  end;

Memo1.Lines.Add(jsonResponse);
Memo1.Lines.Add('-----------------------------');
end;