(C) Refresh OAuth2 Access Token with Optional Params

See more OAuth2 Examples

Note: This example requires Chilkat v9.5.0.97 or greater.

Chilkat C/C++ Library Downloads
MS Visual C/C++ C++ Builder Linux C/C++ Alpine Linux C/C++	MacOS C/C++ iOS C/C++ Android C/C++ MinGW C/C++

#include <C_CkJsonObject.h>
#include <C_CkOAuth2.h>
#include <C_CkStringBuilder.h>

void ChilkatSample(void)
    {
    HCkJsonObject jsonToken;
    BOOL success;
    HCkOAuth2 oauth2;
    HCkStringBuilder sbJson;

    // Here is a sampling of possible optional parameters that might
    // be used by some OAuth2 providers.

    // Optional Parameters
    // 
    //     "scope":
    //         Specifies the scope of the access request. If omitted, the authorization
    //         server may issue a token with the same scope as the original token.
    //         Example: "scope=read write"
    // 
    //     "redirect_uri":
    //         The redirect URI used in the original authorization request. Some
    //         servers may require this for validation.
    //         Example: "redirect_uri=https://example.com/callback"
    // 
    //     "resource":
    //         Indicates the target resource or audience for the token. This is used in
    //         some implementations (e.g., Microsoft Identity Platform).
    //         Example: "resource=https://api.example.com"
    // 
    //     "audience":
    //         Similar to "resource", this specifies the intended audience for the
    //         token (used in some OAuth2 implementations like Auth0).
    //         Example: "audience=https://api.example.com"
    // 
    //     "client_assertion" and "client_assertion_type":
    //         Used for client authentication using a signed JWT instead of a client
    //         secret.
    //         Example:client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...        
    //         client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer
    // 
    //     "token_type_hint":
    //         Provides a hint to the authorization server about the type of token
    //         being refreshed. This is rarely used but can be helpful in some cases.
    //         Example: "token_type_hint=refresh_token"
    // 
    //     "assertion":
    //         Used in some flows (e.g., SAML bearer assertion flow) to provide an
    //         assertion for token issuance.
    //         Example: "assertion=PHNhbWxwOl..."
    // 
    //     "requested_token_use":
    //         Specifies how the token will be used (e.g., "on_behalf_of" in the
    //         On-Behalf-Of flow used by Microsoft Identity Platform).
    //         Example: "requested_token_use=on_behalf_of"
    // 

    // --------------------------------------------------------------------------------
    // This example wll refresh the access token and includes the "audience"
    // optional query parameter.
    // 
    // 

    // Get the access token to be refreshed.
    jsonToken = CkJsonObject_Create();
    success = CkJsonObject_LoadFile(jsonToken,"qa_data/tokens/myAccessToken.json");
    if (success != TRUE) {
        printf("Failed to load hmrc.json\n");
        CkJsonObject_Dispose(jsonToken);
        return;
    }

    oauth2 = CkOAuth2_Create();

    CkOAuth2_putTokenEndpoint(oauth2,"https://api.example.com/oauth/token");

    // Replace these with actual values.
    CkOAuth2_putClientId(oauth2,"CLIENT_ID");
    CkOAuth2_putClientSecret(oauth2,"CLIENT_SECRET");

    // Add the optional refresh query param.
    // Call AddRefreshQueryParam multiple times to add additional params.
    CkOAuth2_AddRefreshQueryParam(oauth2,"audience","https://api.example.com");

    // Provide the existing refresh token from the JSON.
    CkOAuth2_putRefreshToken(oauth2,CkJsonObject_stringOf(jsonToken,"refresh_token"));

    // Send the HTTP POST to refresh the access token..
    success = CkOAuth2_RefreshAccessToken(oauth2);
    if (success != TRUE) {
        printf("%s\n",CkOAuth2_lastErrorText(oauth2));
        CkJsonObject_Dispose(jsonToken);
        CkOAuth2_Dispose(oauth2);
        return;
    }

    // Load the access token response into the json object 
    CkJsonObject_Load(jsonToken,CkOAuth2_accessTokenResponse(oauth2));

    // Save the new JSON access token response to a file.
    // The access + refresh tokens contained in this JSON will be needed for the next refresh.
    sbJson = CkStringBuilder_Create();
    CkJsonObject_putEmitCompact(jsonToken,FALSE);
    CkJsonObject_EmitSb(jsonToken,sbJson);
    CkStringBuilder_WriteFile(sbJson,"qa_data/tokens/myAccessToken.json","utf-8",FALSE);

    printf("OAuth2 access token refreshed!\n");
    printf("New Access Token = %s\n",CkOAuth2_accessToken(oauth2));


    CkJsonObject_Dispose(jsonToken);
    CkOAuth2_Dispose(oauth2);
    CkStringBuilder_Dispose(sbJson);

    }