I'm trying to automatically refresh an access token in the background of my application. I read this blog post (https://developer.linkedin.com/blog/tips-and-tricks-refreshing-access-token), but I still cannot figure it out.
When I attempt to refresh the token with this POST request (https://www.linkedin.com/uas/oauth/authenticate?oauth_token=XXXXXXXXX where XXXXXXXXX is replaced with a request token I obtained earlier) as described in the blog post above, I get an empty access token.
I do these steps in Python as follows.
request_token_url = 'https://api.linkedin.com/uas/oauth/requestToken?scope=r_fullprofile+rw_groups'
authorize_url = 'https://www.linkedin.com/uas/oauth/authenticate'
consumer = oauth.Consumer(consumer_key, consumer_secret)
client = oauth.Client(consumer)
# fetch a request token
resp, content = client.request(request_token_url, "POST")
request_token = dict(urlparse.parse_qsl(content))
# send a request to refresh an access token
resp, content = client.request("%s?oauth_token=%s" % (authorize_url, request_token['oauth_token']), "POST")
print resp,content
Then, resp is
{'-content-encoding': 'gzip',
'age': '1',
'connection': 'keep-alive',
'content-language': 'en-US',
'content-length': '0',
'date': 'Sun, 03 Mar 2013 13:11:05 GMT',
'location': 'https://www.linkedin.com/uas/oauth/authorize?oauth_token=9e8c5d13-208f-405d-885f-3365e7098fc1&state=',
'p3p': 'CP="CAO DSP COR CUR ADMi DEVi TAIi PSAi PSDi IVAi IVDi CONi OUR DELi SAMi UNRi PUBi OTRi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT POL PRE"',
'server': 'Apache-Coyote/1.1',
'set-cookie': '_lipt=deleteMe; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, bcookie="v=2&2b52692f-de6c-4ba5-9a2c-62e020790a41"; Version=1; Domain=linkedin.com; Max-Age=63072000; Expires=Tue, 03-Mar-2015 13:11:06 GMT; Path=/, leo_auth_token="GST:9isMS9qbt9c-2XNJU0diaae-LMc-uie4STjVn5qiIk_JtnNvbbPKMS:1362316266:d50e8735b56508fda71b68bd9a5395176e9e603d"; Version=1; Max-Age=1799; Expires=Sun, 03-Mar-2013 13:41:05 GMT; Path=/, sl="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, s_leo_auth_token="delete me"; Version=1; Max-Age=0; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/, JSESSIONID="ajax:2593452035081810950"; Version=1; Path=/, visit="v=1&G"; Version=1; Max-Age=63072000; Expires=Tue, 03-Mar-2015 13:11:06 GMT; Path=/, lang="v=2&lang=en-us"; Version=1; Domain=linkedin.com; Path=/, X-LI-IDC=C1',
'status': '302',
'vary': 'Accept-Encoding',
'x-li-uuid': 'TxiUiruqZNIVm5J4ldUQ0w=='}
and content is empty, but it should contain a refreshed access token.
What am I doing wrong here?