jlevers / selling-partner-api

A PHP client library for Amazon's Selling Partner API
BSD 3-Clause "New" or "Revised" License
410 stars 200 forks source link

Exchanging Authorization Code for an LWA Refresh Token? #313

Closed ShaneOH closed 2 years ago

ShaneOH commented 2 years ago

Hey there,

Thanks for putting the work into this fantastic SDK @jlevers! I'm currently working on migrating an MWS application to an SP-API/hybrid app. Following this blog post, the steps seem fairly straightforward:

  1. Use the LWA ID given in the Dev Console to generate a grantless LWA access token
  2. Generate temporary credentials using AWS Security Token Service (AWS STS)
  3. Make a call to Authorization API endpoint
  4. Exchange authorization code for an LWA refresh token

Now, Steps 1-3 seem completely abstracted away in your SDK by calling (new AuthorizationV1Api($configObject))->getAuthorizationCode($sellerId, $devId, $mwsAuthToken) -- correct? This is great, I can see an authorization code returned from that call.

However, I'm surprised to not be finding any documentation on passing that authorization_code right back into the call to exchange for a LWA refresh token. Am I missing it somewhere? It seems like a critical part of the entire process. Searching through the repo I found your comment here: https://github.com/jlevers/selling-partner-api/issues/10#issuecomment-815444053 that seems to be the call we need. Has this been integrated into the SDK yet since then, or is it still a matter of just making a raw HTTP call to that endpoint specifically, saving the result back, and then using that token in all the SDK calls thereafter?

jlevers commented 2 years ago

Hey @ShaneOH -- yep, you have all that right. Steps 1-3 are covered by the library, but I never got around to integrating the code for generating a new SP API token with authorization_code. The code you linked from issue #10 is the correct code, yes. You'll just need to make that request a single time and then save the resulting refresh token.

ShaneOH commented 2 years ago

@jlevers Got it, thanks for the confirmation! No problem for me -- feel free to close this issue then if you want or leave it open if it's a planned feature to be added!