search

hapramp / steemconnect4j

SteemConnect SDK for Java.
MIT License
5 stars 1 forks source link

Feature of Refresh Tokens #17

Closed bxute closed 6 years ago

bxute commented 6 years ago

Refer https://steemit.com/utopian-io/@r351574nc3/tutorial-oauth2-access-tokens-and-refresh-tokens-with-steemconnect for tips.

bxute commented 6 years ago

User authentication is performed by following steps.

1. Get Code

URL https://v2.steemconnect.com/oauth2/authorize?client_id=we-resist&response_type=code&redirect_uri=https%3A%2F%2Fwe-resist-bot.herokuapp.com%2F&scope=vote,comment,offline

Notice the response_type is code. We use this response_type to receive a code from steemconnect instead of an access_token.

2. Get Refresh Tokens

  method: "POST",
    uri: "https://steemconnect.com/api/oauth2/token",
    body: {
      response_type: "refresh",
      code: code,
      client_id: "cid",
      client_secret: client_secret,
      scope: "vote,comment,offline"
    }

It responses with : 

{
    access_token: blah blah blah,
    username: blahblahblah,
    refresh_token: blah blah blah
}

We have the access_token for instant use. We can save refresh_token for later use.

bxute commented 6 years ago

Using Refresh Token to get Access Token

1 . Perform a Http Request

method: "POST",
uri: "https://v2.steemconnect.com/api/oauth2/token",
body: {
   refresh_token: user.refresh_token,
   client_id: "we-resist",
   client_secret: sc2_secret,
   scope: "vote,comment,offline"
}

Note: The purpose of client_secret is to process refresh_tokens.

singhpratyush commented 6 years ago

Fixed in 33d2b268f3c1f88cbe75ef3a93085e4b0ea6393f.