Sample code for 30+ languages & platforms
PureBasic

Hotmail Refresh Access Token (also for Live.com, Outlook.com)

See more OAuth2 Examples

An OAuth2 access token is typically valid for 1 hour. Interaction with the Hotmail account owner via a browser is only needed for getting the initial access token. Once you have it, it can be continually refreshed without user interaction for a long time.

See: How Long can an OAuth2 Access Token be Refreshed?

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkStringBuilder.pb"
IncludeFile "CkJsonObject.pb"
IncludeFile "CkOAuth2.pb"

Procedure ChilkatExample()

    success.i = 0

    ; This example requires the Chilkat API to have been previously unlocked.
    ; See Global Unlock Sample for sample code.

    ; It is assumed we previously obtained an OAuth2 access token.

    ; Note: Refreshing an access token does not require user-interaction.  
    ; Only the act of getting the initial access token requires interactive authorization from the Hotmail account owner 
    ; (i.e. a browser is displayed and the Hotmail account owner authorizes access by the app).

    ; Once you have the initial access token, it can be refreshed for a long time.
    ; A typical strategy is to write your application to automatically refresh the access token 
    ; when authentication fails, and then retry the operation with the new access token.

    jsonToken.i = CkJsonObject::ckCreate()
    If jsonToken.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    success = CkJsonObject::ckLoadFile(jsonToken,"qa_data/tokens/hotmail.json")
    If success <> 1
        Debug "Failed to load office365.json"
        CkJsonObject::ckDispose(jsonToken)
        ProcedureReturn
    EndIf

    ; The access token JSON looks like this:

    ; {
    ;   "token_type": "Bearer",
    ;   "scope": "https://outlook.office.com/SMTP.Send https://outlook.office.com/IMAP.AccessAsUser.All https://outlook.office.com/POP.AccessAsUser.All",
    ;   "expires_in": 3600,
    ;   "ext_expires_in": 3600,
    ;   "access_token": "EwBoA+ ... 7pOYcWr5pFwQgI=",
    ;   "refresh_token": "M.C546_BL2.0.U.-CkW ... g5CKSlDBQ$$",
    ;   "id_token": "eyJ0e ... 2iiu5iqBK9n7s3A"
    ; }

    oauth2.i = CkOAuth2::ckCreate()
    If oauth2.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    ; See Microsoft OAuth2 Authorization Endpoint
    CkOAuth2::setCkTokenEndpoint(oauth2, "https://login.microsoftonline.com/common/oauth2/v2.0/token")

    ; Replace this with your actual App Registration's Application (client) ID.
    CkOAuth2::setCkClientId(oauth2, "CLIENT_ID")

    ; Get the "refresh_token"
    CkOAuth2::setCkRefreshToken(oauth2, CkJsonObject::ckStringOf(jsonToken,"refresh_token"))

    ; Send the HTTP POST to refresh the access token..
    success = CkOAuth2::ckRefreshAccessToken(oauth2)
    If success <> 1
        Debug CkOAuth2::ckLastErrorText(oauth2)
        CkJsonObject::ckDispose(jsonToken)
        CkOAuth2::ckDispose(oauth2)
        ProcedureReturn
    EndIf

    Debug CkOAuth2::ckLastErrorText(oauth2)

    Debug "New access token: " + CkOAuth2::ckAccessToken(oauth2)
    Debug "New refresh token: " + CkOAuth2::ckRefreshToken(oauth2)

    ; Update the JSON with the new tokens.
    CkJsonObject::ckUpdateString(jsonToken,"access_token",CkOAuth2::ckAccessToken(oauth2))
    CkJsonObject::ckUpdateString(jsonToken,"refresh_token",CkOAuth2::ckRefreshToken(oauth2))

    ; Save the new JSON access token response to a file.
    sbJson.i = CkStringBuilder::ckCreate()
    If sbJson.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    CkJsonObject::setCkEmitCompact(jsonToken, 0)
    CkJsonObject::ckEmitSb(jsonToken,sbJson)
    CkStringBuilder::ckWriteFile(sbJson,"qa_data/tokens/hotmail.json","utf-8",0)

    Debug "OAuth2 authorization granted!"
    Debug "New Access Token = " + CkOAuth2::ckAccessToken(oauth2)


    CkJsonObject::ckDispose(jsonToken)
    CkOAuth2::ckDispose(oauth2)
    CkStringBuilder::ckDispose(sbJson)


    ProcedureReturn
EndProcedure