Forked from harryi3t/postman-oauth2-refresh-token.js
Last active
November 14, 2018 20:48
-
-
Save dbischof/0155fd849601710e35d3117f76626eb9 to your computer and use it in GitHub Desktop.
This gist shows how using the pre-request script in Postman, a new Oauth-2 token can be obtained using the a refresh token
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
** Inspired by: https://stackoverflow.com/a/52436395/1756953 | |
** Modified from: https://gist.github.com/harryi3t/dd5c61451206047db70710ff6174c3c1 | |
** | |
** Postman as of Nov 2018 does not support auto-refreshing of Oauth-2 tokens. | |
** This is an exmaple on how in one can refresh their Oauth-2 tokens just using the pre-request scripts. | |
** Pre-requisites: You need to have a refresh token. You can use the Postman app to get one. | |
** | |
** Step 1: Create a Postman environment and set the following variables: | |
** tokenUrl | |
** clientId | |
** clientSecret | |
** refreshToken | |
** If you already have a valid accessToken, add: | |
** accessToken | |
** accessTokenExpiresAt - Unixtimestamp access token will expire at (so it is not regenerated until it expires) | |
** | |
** Step 2: Edit Collection or Request, under "Authorization" set type to OAuth 2.0 and set "Access Token" to: {{accessToken}} | |
** | |
** Step 3: Copy the code below into the "Pre-request Scripts" | |
** | |
**/ | |
// Only run if access token is expired | |
if (pm.environment.get('accessTokenExpiresAt') > new Date().getTime()/1000) return; | |
// Set all these variables in an environment or at collection level | |
let tokenUrl = pm.environment.get('tokenUrl'), | |
clientId = pm.environment.get('clientId'), | |
clientSecret = pm.environment.get('clientSecret'), | |
refreshToken = pm.environment.get('refreshToken'), | |
requestOptions = { | |
method: 'POST', | |
url: tokenUrl, | |
body: { | |
mode: 'formdata', | |
formdata: [ | |
{ | |
key: 'grant_type', | |
value: 'refresh_token' | |
}, | |
{ | |
key: 'client_id', | |
value: clientId | |
}, | |
{ | |
key: 'client_secret', | |
value: clientSecret | |
}, | |
{ | |
key: 'refresh_token', | |
value: refreshToken | |
} | |
] | |
} | |
}; | |
console.log({ requestOptions }); | |
pm.sendRequest(requestOptions, (err, response) => { | |
let jsonResponse = response.json(), | |
newAccessToken = jsonResponse.access_token, | |
newRefreshToken = jsonResponse.refresh_token, | |
expiresAt = Math.floor(new Date().getTime()/1000) + jsonResponse.expires_in; | |
console.log({ err, jsonResponse, newAccessToken }); | |
// To persist the tokens | |
pm.environment.set('accessToken', newAccessToken); | |
pm.environment.set('refreshToken', newRefreshToken); | |
pm.environment.set('accessTokenExpiresAt', expiresAt - 60) | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment