Tcl
Tcl
Refresh Expiring OAuth2 Access Token for Azure Registered App
See more OAuth2 Examples
Shows how to renew an Azure App's access token using the refresh token when it's near expiration.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# We previously obtained an access token and saved the JSON to a file using this example:
# Get OAuth2 Access Token for Azure Registered App
# This example will examine the JSON and expiration date, and if near expiration will
# refresh the access token.
set json [new_CkJsonObject]
set success [CkJsonObject_LoadFile $json "qa_data/tokens/_myAzureApp.json"]
if {$success != 1} then {
puts "Failed to load the access token."
delete_CkJsonObject $json
exit
}
# The contents of the JSON look like this:
# {
# "token_type": "Bearer",
# "scope": "User.Read Mail.ReadWrite Mail.Send",
# "expires_in": 3600,
# "ext_expires_in": 0,
# "access_token": "EwBAA8l6B...",
# "refresh_token": "MCRMdbe6Cd...",
# "id_token": "eyJ0eXAiOiJ...",
# "expires_on": "1494112119"
# }
# The "expires_on" value is a Unix time.
set dtExpire [new_CkDateTime]
CkDateTime_SetFromUnixTime $dtExpire 0 [CkJsonObject_IntOf $json "expires_on"]
# If this date/time expires within 10 minutes of the current system time, refresh the token.
if {[CkDateTime_ExpiresWithin $dtExpire 10 "minutes"] != 1} then {
puts "No need to refresh, the access token won't expire within the next 10 minutes."
delete_CkJsonObject $json
delete_CkDateTime $dtExpire
exit
}
# OK, we need to refresh the access token..
set oauth2 [new_CkOAuth2]
# Note: The endpoint depends on the Azure App Registration.
# See How to Choose the Correct Endpoints for your Azure App Registration
CkOAuth2_put_TokenEndpoint $oauth2 "https://login.microsoftonline.com/common/oauth2/v2.0/token"
# Use your client ID.
CkOAuth2_put_ClientId $oauth2 "CLIENT_ID"
# Get the existing refresh token.
CkOAuth2_put_RefreshToken $oauth2 [CkJsonObject_stringOf $json "refresh_token"]
# Send the HTTP POST to refresh the access token.
set success [CkOAuth2_RefreshAccessToken $oauth2]
if {$success == 0} then {
puts [CkOAuth2_lastErrorText $oauth2]
delete_CkJsonObject $json
delete_CkDateTime $dtExpire
delete_CkOAuth2 $oauth2
exit
}
puts "OAuth2 authorization granted!"
puts "Access Token = [CkOAuth2_accessToken $oauth2]"
# Get the full JSON response:
CkJsonObject_Load $json [CkOAuth2_accessTokenResponse $oauth2]
CkJsonObject_put_EmitCompact $json 0
# If an "expires_on" member does not exist, then add the JSON member by
# getting the current system date/time and adding the "expires_in" seconds.
# This way we'll know when the token expires.
if {[CkJsonObject_HasMember $json "expires_on"] != 1} then {
CkDateTime_SetFromCurrentSystemTime $dtExpire
CkDateTime_AddSeconds $dtExpire [CkJsonObject_IntOf $json "expires_in"]
CkJsonObject_AppendString $json "expires_on" [CkDateTime_getAsUnixTimeStr $dtExpire 0]
}
puts [CkJsonObject_emit $json]
# Save the new access token JSON to a file for future requests.
set fac [new_CkFileAccess]
CkFileAccess_WriteEntireTextFile $fac "qa_data/tokens/_myAzureApp.json" [CkJsonObject_emit $json] "utf-8" 0
delete_CkJsonObject $json
delete_CkDateTime $dtExpire
delete_CkOAuth2 $oauth2
delete_CkFileAccess $fac