(Excel) Microsoft Graph -- Renew Expiring Access Token (Azure AD v2.0 Endpoint)

Demonstrates how to renew an expiring access token using the refresh token. This example is for renewing an access token using the Azure AD v2.0 endpoint (not the Azure AD endpoint).

An app needs to watch for the expiration of these tokens and renew the expiring access token before the refresh token expires.

This example requires Chilkat v9.5.0.67 or greater.

Download Excel Class Modules Chilkat Excel Class Modules

' This example requires the Chilkat API to have been previously unlocked.
' See Global Unlock Sample for sample code.

' We previously obtained an access token and saved the JSON to a file using this example:
' Get Access Token using Azure AD v2.0 Endpoint

' This example will examine the JSON and expiration date, and if near expiration will
' refresh the access token.

Dim json As Chilkat.JsonObject
Set json = Chilkat.NewJsonObject

success = json.LoadFile("qa_data/tokens/microsoftGraph.json")
If (success <> True) Then
    Exit Sub
End If

' The contents of the JSON look like this:
' {
'   "token_type": "Bearer",
'   "scope": "User.Read Mail.ReadWrite Mail.Send",
'   "expires_in": 3600,
'   "ext_expires_in": 0,
'   "access_token": "EwBAA8l6B...",
'   "refresh_token": "MCRMdbe6Cd...",
'   "id_token": "eyJ0eXAiOiJ...",
'   "expires_on": "1494112119"
' }

' The "expires_on" value is a Unix time.
Dim dtExpire As Chilkat.CkDateTime
Set dtExpire = Chilkat.NewCkDateTime
Dim success As Boolean
success = dtExpire.SetFromUnixTime(False,json.IntOf("expires_on"))

' If this date/time expires within 10 minutes of the current system time, refresh the token.
If (dtExpire.ExpiresWithin(10,"minutes") <> True) Then
    Debug.Print "No need to refresh, the access token won't expire within the next 10 minutes."
    Exit Sub
End If

' OK, we need to refresh the access token by sending a POST like this:
' 

' 	POST https://login.microsoftonline.com/common/oauth2/v2.0/token HTTP/1.1
' 	Host: login.microsoftonline.com
' 	Content-Type: application/x-www-form-urlencoded
' 	Content-Length: ***
' 
' 	grant_type=refresh_token
' 	&redirect_uri=http%3A%2F%2Flocalhost%3A3017%2F
' 	&client_id=8b8539cd-7b75-427f-bef1-4a6264fd4940
' 	&client_secret=PJW3dznGfyNSm3rM9aHeXWGKsTMepKXT1Eqy45XXdU4%3D
' 	&refresh_token=AAABAAAAvPM1KaPlrEqdFSBzjqfTGM74--...

Dim req As Chilkat.HttpRequest
Set req = Chilkat.NewHttpRequest
req.AddParam "grant_type","refresh_token"
req.AddParam "redirect_uri","http://localhost:3017/"
req.AddParam "client_id","MICROSOFT-GRAPH-CLIENT-ID"
req.AddParam "client_secret","MICROSOFT-GRAPH-CLIENT-SECRET"
req.AddParam "refresh_token",json.StringOf("refresh_token")

Dim http As Chilkat.Http
Set http = Chilkat.NewHttp


Set resp = http.PostUrlEncoded("https://login.microsoftonline.com/common/oauth2/v2.0/token",req)
If (http.LastMethodSuccess <> True) Then
    Debug.Print http.LastErrorText
    Exit Sub
End If

' Load the JSON response.
success = json.Load(resp.BodyStr)
json.EmitCompact = False

' Show the JSON response.
Debug.Print json.Emit()

Debug.Print "Response status code: "; resp.StatusCode

' If the response status code is not 200, then it's an error.
If (resp.StatusCode <> 200) Then
    Exit Sub
End If

' If an "expires_on" member does not exist, then add the JSON member by
' getting the current system date/time and adding the "expires_in" seconds.
' This way we'll know when the token expires.
If (json.HasMember("expires_on") <> True) Then
    success = dtExpire.SetFromCurrentSystemTime()
    success = dtExpire.AddSeconds(json.IntOf("expires_in"))
    success = json.AppendString("expires_on",dtExpire.GetAsUnixTimeStr(False))
End If

' Save the refreshed access token JSON to a file for future requests.
Dim fac As Chilkat.FileAccess
Set fac = Chilkat.NewFileAccess
success = fac.WriteEntireTextFile("qa_data/tokens/microsoftGraph.json",json.Emit(),"utf-8",False)