OAU-213 Token not found, token is failing to refresh

Question

question

Alex Schittko asked Jul 16, '20 Alex Schittko answered Jul 21, '20

OAU-213 Token not found, token is failing to refresh

I'm having an issue building out my first RingCentral app. Using PHP 7 with the RingCentral PHP SDK fetched via Composer.

The idea here is the app will need to be authorized once upon startup, and will stay logged in as long as the app is running, allowing any user who queries the app to achieve a result from RingCentral, parsed in a manner acceptable for my org.

When the app goes through the oauth2 login flow, upon success it will store the access token to a cache (Redis):

if (isset($_REQUEST['oauth2callback'])){
 if (!isset($_GET['code'])) {
 return;
 }
 $qs = $platform->parseAuthRedirectUrl($_SERVER['QUERY_STRING']);
 $qs["redirectUri"] = $RINGCENTRAL_REDIRECT_URL;

 $platform->login($qs);
 $_SESSION['sessionAccessToken'] = $platform->auth()->data();
 
 $redis->set("accessToken", serialize($_SESSION['sessionAccessToken']));

On every subsequent page load that requires the app to be authenticated with RingCentral, we check if the token exists, and set it on the platform object if appropriate. Else, we'll redirect to the login flow.

$rcsdk = new SDK($RINGCENTRAL_CLIENT_ID, $RINGCENTRAL_CLIENT_SECRET, $RINGCENTRAL_SERVER_URL);
$platform = $rcsdk->platform();

if (! $redis->get("accessToken")) { 
 header("Location: " . $host);
}
else {
 session_start();
 $_SESSION['sessionAccessToken'] = $redis->get('accessToken');
 $platform->auth()->setData( unserialize( $_SESSION['sessionAccessToken'] ) );
}

Based on the README for the php SDK, the platform object is capable of refreshing the token itself in the event that the access token expires.

The app has a component where it runs a cron job periodically to seed it's database with fresh data from the RC API:

<?php

// Log in to the API
require(__DIR__ . '/vendor/autoload.php');
require_once("./config/configs.php");
require_once("./database/redis.php");

use RingCentral\SDK\Http\HttpException;
use RingCentral\SDK\Http\ApiResponse;
use RingCentral\SDK\SDK;

$rcsdk = new SDK($RINGCENTRAL_CLIENT_ID, $RINGCENTRAL_CLIENT_SECRET, $RINGCENTRAL_SERVER_URL);
$platform = $rcsdk->platform();

if (! $redis->get("accessToken")) { 
 die("Cron is exiting because the app is not logged in");
}

// Get the call records
$platform->auth()->setData( unserialize( $redis->get("accessToken") ) );
try { 
 $apiResponse = $rcsdk->platform()->get('/restapi/v1.0/account/~/active-calls', array( "Direction" => "Inbound", "view" => "Detailed")) ;
}
catch (\RingCentral\SDK\Http\ApiException $e) {
 // Getting error messages using PHP native interface
 print 'RC API Error: ' . $e->getMessage() . PHP_EOL;
 die();
}
// Store to DB
$redis->set("callLog", serialize($apiResponse->json()->records));

echo "Refreshed the call data!";
?>

After about an hour of leaving the application running, the cron starts dieing out on:

RC API Error: Token not found

I was able to dump the request and response objects when I get a Token not found error:

So, clearly, the token refreshing is either
a) not happening
b) happening in a context that doesn't push the token back up to my client

Can I be provided with some sample code to manually refresh the token?
Or guidance on storing the refreshed token so that the app will function?
Seeing as I already run cron jobs to seed data, adding another (check if token is refreshed ? do token refresh) block of code will be trivial at this point.

Many thanks!

oauth2 php

1594858889394.png (133.9 KiB)

1 |1000

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 1 · 2020-07-21T20:56:57Z

Alex Schittko answered Jul 21, '20

Yeah, that was the solution. I needed to store the token at the end of every cron run, so that in the event that the platform refreshed the token, I will be storing the new token.

1 |1000

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Answer 2 · 2020-07-16T02:50:00Z

Alex Schittko answered Jul 16, '20

Aha! I think I might be on to something

Just because the platform is capable of refreshing the token, doesn't mean I'm storing the refreshed token.

A few lines of code to the cron job before we start calling the API for active calls:

// Get the call records
$platform->auth()->setData( unserialize( $redis->get("accessToken") ) );
if ( ! $platform->loggedIn() ) {
    $platform->refresh();
    error_log("I refreshed my own token!");
}

try { 
    $apiResponse = $rcsdk->platform()->get('/restapi/v1.0/account/~/active-calls', array( "Direction" => "Inbound", "view" => "Detailed")) ;
}

And an extra line to the end, when stuff gets stored to the cache:

// Store to DB
$redis->set("callLog", serialize($apiResponse->json()->records));

// Store the token object back to cache.
// The token object will refresh if needed.
// If the token was refreshed, we will need to store the new one, like this.
$redis->set("accessToken", serialize($platform->auth()->data()));

I'm going to let this cron job run overnight and see if this works the way it's intended now

1 |1000

Attachments: Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

question