Join Log in
Score:0
did avatar Drupal

Problem with refreshing the access token

in flag
did

I am building an app which uses Drupal (9.4.8) as the API. I am using the Simple OAuth module to authorise the client. I have got almost everything working fine, I am receiving the Access Token and the Refresh Token as expected. But, after a lot of searching, I still can't find out which path I need to refresh the tokens.

According to this video tokens can be refreshed on the path "/simple-oauth/refresh". But that path doesn't exist and I guess the video refers to an old version of the module...

Can anyone shed any light on this?

283
1 + 3
9
id flag
cilefen
What is the precise version of the module you are using and can you confirm the module is this one? https://www.drupal.org/project/simple_oauth
1
Reply
did avatar
in flag
did
Yes, that's the module, version 5.2.0
0
Reply
did avatar
in flag
did
Ok, I have made some progress. Got it to working on Talend API Tester. By following these instructions here: [link](https://datatracker.ietf.org/doc/html/rfc6749#page-47). The refresh url should be /oauth/token (same as login). You also need to send the grant_type and client_id.
0
Reply
Score:1
did avatar Drupal
in flag
did

I have got it working with the following steps:

In the Auth strategy in nuxt.config.js

  • Set the refresh path to /oauth/token (I also added a query string, ?refresh to distinguish out from the login path)
  • Add this to the header 'Content-Type': 'application/x-www-form-urlencoded'

Here's the code:

    refresh: {
     url: '/oauth/token?refresh',
     method: 'post',
     headers: { 'Accept': '*/*','Content-Type': 'application/x-www-form-urlencoded' },
    },

I still had problems sending the body in the x-www-form-urlencoded format, so I then created an Axios interceptor plugin to alter the request. This plugin (~/plugins/axios.js) intercepts request made to /oauth/token?refresh and puts the grant type, the refresh token and the client id in the correct format.

Here's the plugin:

var qs = require('qs');

export default function ({ $axios, redirect }) {
  $axios.onRequest(config => {
    if (config.url == '/oauth/token?refresh') {
      const params = new URLSearchParams(config.data);
      const refreshToken params.get('refresh_token');
      config.data = qs.stringify({'grant_type': 'refresh_token', 'refresh_token': refreshToken,'client_id':'xxxxx-your-client-id-XXXX'})
    }
  })
}
+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.