Sample code for 30+ languages & platforms
Tcl

Automatically Refresh Token for 401 Unauthorized

See more Google Calendar Examples

Demonstrates how to automatically refresh an access token (without user interaction) when the token expires and a 401 Unauthorized response is received.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set tokenFilePath "qa_data/tokens/googleCalendar.json"

# Get our current access token.
set jsonToken [new_CkJsonObject]

set success [CkJsonObject_LoadFile $jsonToken $tokenFilePath]
if {[CkJsonObject_HasMember $jsonToken "access_token"] == 0} then {
    puts "No access token found."
    delete_CkJsonObject $jsonToken
    exit
}

set http [new_CkHttp]

CkHttp_put_AuthToken $http [CkJsonObject_stringOf $jsonToken "access_token"]

set jsonResponse [CkHttp_quickGetStr $http "https://www.googleapis.com/calendar/v3/users/me/calendarList"]
if {[CkHttp_get_LastMethodSuccess $http] != 1} then {

    if {[CkHttp_get_LastStatus $http] != 401} then {
        puts [CkHttp_lastErrorText $http]
        puts "----"
        puts [CkHttp_lastResponseBody $http]
        delete_CkJsonObject $jsonToken
        delete_CkHttp $http
        exit
    }

    # The access token must've expired. 
    # Refresh the access token and then retry the request.
    set oauth2 [new_CkOAuth2]

    CkOAuth2_put_TokenEndpoint $oauth2 "https://www.googleapis.com/oauth2/v4/token"

    # Replace these with actual values.
    CkOAuth2_put_ClientId $oauth2 "GOOGLE-CLIENT-ID"
    CkOAuth2_put_ClientSecret $oauth2 "GOOGLE-CLIENT-SECRET"

    # Get the "refresh_token"
    CkOAuth2_put_RefreshToken $oauth2 [CkJsonObject_stringOf $jsonToken "refresh_token"]

    # Send the HTTP POST to refresh the access token..
    set success [CkOAuth2_RefreshAccessToken $oauth2]
    if {$success != 1} then {
        puts [CkOAuth2_lastErrorText $oauth2]
        delete_CkJsonObject $jsonToken
        delete_CkHttp $http
        delete_CkOAuth2 $oauth2
        exit
    }

    # The response contains a new access token, but we must keep
    # our existing refresh token for when we need to refresh again in the future.
    CkJsonObject_UpdateString $jsonToken "access_token" [CkOAuth2_accessToken $oauth2]

    # Save the new JSON access token response to a file.
    set sbJson [new_CkStringBuilder]

    CkJsonObject_put_EmitCompact $jsonToken 0
    CkJsonObject_EmitSb $jsonToken $sbJson
    CkStringBuilder_WriteFile $sbJson $tokenFilePath "utf-8" 0

    puts "OAuth2 authorization granted!"
    puts "New Access Token = [CkOAuth2_accessToken $oauth2]"

    # re-try the original request.
    CkHttp_put_AuthToken $http [CkOAuth2_accessToken $oauth2]
    set jsonResponse [CkHttp_quickGetStr $http "https://www.googleapis.com/calendar/v3/users/me/calendarList"]
    if {[CkHttp_get_LastMethodSuccess $http] != 1} then {
        puts [CkHttp_lastErrorText $http]
        delete_CkJsonObject $jsonToken
        delete_CkHttp $http
        delete_CkOAuth2 $oauth2
        delete_CkStringBuilder $sbJson
        exit
    }

}

puts "$jsonResponse"
puts "-----------------------------"

delete_CkJsonObject $jsonToken
delete_CkHttp $http
delete_CkOAuth2 $oauth2
delete_CkStringBuilder $sbJson