Sample code for 30+ languages & platforms
PHP ActiveX

Refresh HMRC OAuth2 Access Token

See more OAuth2 Examples

Demonstrates how to refresh an HMRC access token.

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// See Get HMRC Access Token 
// for sample code showing how to obtain a HMRC access token for desktop apps.

// It is assumed we previously obtained an OAuth2 access token for HMRC.

$jsonToken = new COM("Chilkat.JsonObject");
$success = $jsonToken->LoadFile('qa_data/tokens/hmrc.json');
if ($success != 1) {
    print 'Failed to load hmrc.json' . "\n";
    exit;
}

// The access token JSON looks something like this:

// {
//   "token_type": "Bearer",
//   "scope": "user_impersonation",
//   "expires_in": "3599",
//   "ext_expires_in": "0",
//   "expires_on": "1524783438",
//   "not_before": "1524779538",
//   "resource": "https://mydomain.api.crm.dynamics.com",
//   "access_token": "...",
//   "refresh_token": "...",
//   "id_token": "..."
// }

$oauth2 = new COM("Chilkat.OAuth2");

$oauth2->TokenEndpoint = 'https://test-api.service.hmrc.gov.uk/oauth/token';

// Replace these with actual values.
$oauth2->ClientId = 'HMRC-CLIENT-ID';
$oauth2->ClientSecret = 'HMRC-CLIENT-SECRET';

// Get the "refresh_token"
$oauth2->RefreshToken = $jsonToken->stringOf('refresh_token');

// Send the HTTP POST to refresh the access token..
$success = $oauth2->RefreshAccessToken();
if ($success != 1) {
    print $oauth2->LastErrorText . "\n";
    exit;
}

// Load the access token response into the json object 
$jsonToken->Load($oauth2->AccessTokenResponse);

// If an "expires_on" member does not exist, then add the JSON member by
// getting the current system date/time and adding the "expires_in" seconds.
// This way we'll know when the token expires.
if ($jsonToken->HasMember('expires_on') == 0) {
    $dtExpire = new COM("Chilkat.CkDateTime");
    $dtExpire->SetFromCurrentSystemTime();
    $dtExpire->AddSeconds($jsonToken->IntOf('expires_in'));
    $jsonToken->AppendString('expires_on',$dtExpire->getAsUnixTimeStr(0));
}

// Save the new JSON access token response to a file.
// The access + refresh tokens contained in this JSON will be needed for the next refresh.
$sbJson = new COM("Chilkat.StringBuilder");
$jsonToken->EmitCompact = 0;
$jsonToken->EmitSb($sbJson);
$sbJson->WriteFile('qa_data/tokens/hmrc.json','utf-8',0);

print 'OAuth2 authorization granted!' . "\n";
print 'New Access Token = ' . $oauth2->AccessToken . "\n";

?>