I'm trying to help my developer and he needs an example of some sort.
We are currently using the authorization flow method for retrieving tokens. This is a concern as the refresh tokens time out within an hour. We are using a text app that triggers text globally, so it's a 24 hour operation that doesn't have someone available to login and authorize the app every hour. With the call log app, we pull that data throughout the day and night, so we'll need the authorization current for that as well.
Has anyone been able to get the authorization access and refresh tokens to renew on an automatic basis? For example, the initial login and authorization of the app would be done once, then the refresh token would be renewed every 55-57 minutes and the access token would renewed every six days. Even if the user has to do an initial login and authorization, that's fine, as long as the subsequent authorization tokens are automated.
I'm looking for any ideas or solutions, preferably with some sort of example to walk my developer through, even if it's just a basic one. Thanks!
I have a button in our application redirecting to GET /connect
def connectThe redirect_uri should be the same as the one you set up in your dev account. In order to test in dev, you can add one without https like http://localhost/your/path/oauth2callback.
state_parameter = Base64.encode64({my_param: param}.to_json)
client = OAuth2::Client.new(client_id, client_secret, {:authorize_url => "https://#{api_server_url}/restapi/oauth/authorize"})
redirect_to client.auth_code.authorize_url(redirect_uri: redirect_uri, response_type: 'code', state: state_parameter )
end
At this point, the user has to enter his login/pwd of his ringcentral account, he has to authorize the access to the information you set and ringcentral redirect you as POST to your redirect uri.
You should create a route POST /oauth2callback
There you get a code that you exchange with a token.
post_params = {client_id: client_id, code: params[:code],
grant_type: 'authorization_code', redirect_uri: redirect_uri}
resp = JSON.parse(RestClient.post("https://#{api_server_url}/restapi/oauth/token", post_params))
In resp you have your token, keep it in your DB.
This way there is nothing manual, it is all automatic and the user is asked to accept the permission just once.
It is a classic oauth2 process, you ask for a code, then you exchange the code for a token. You keep the token and refresh it.
Hope it helps.
I don't do a request every hour, so what I did is before doing any request, I check if the token is still valid (with the expiration date). If yes, I keep the token and do my request. If not, I use the refresh token to renew my token and save the new token, the new refresh token, and the new expiration date.
I also have a cron running every day that renews the token if the refresh token arrives at expiration.
I don't know if this is the best solution but it is one that is working for me :-)
That's what I did to refresh my token in ruby:
url = "https://#{client_id}:#{client_secret}@#{api_server_url}/restapi/oauth/token"response = JSON.parse(RestClient.post(url, parameters, headers))
headers = {accept: :json, content_type: 'application/x-www-form-urlencoded'}
parameters = "refresh_token=#{refresh_token}&grant_type=refresh_token"
=> in the response I have the new access token and the new refresh token that I saved for later.
Hope it will help you.
A new Community is coming to RingCentral!
Posts are currently read-only as we transition into our new platform.We thank you for your patience
during this downtime.
Try Workflow Builder
Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!Try RingCentral Workflow Builder