I am creating a PHP app on a windows box and I wanted to get the basic ESI OAuth flow worked out before I started coding. I’m running into a problem when trying to refresh a token.
Here’s what I am doing:
- Browse to the following URL:
https://login.eveonline.com/oauth/authorize?response_type=code&redirect_uri=https://localhost&client_id=[client ID string]&scope=esi-markets.structure_markets.v1&secret=[secret string]
- Copy/paste authorization code from URL returned in step 1 and run the following command in CMD window
curl -XPOST -H “Content-Type:application/json” -H “Authorization:Basic [Base64 encrypted clientID:secret string ending in ==]” -d “{"grant_type":"authorization_code", "code":"[code copy/pasted from URL returned in step 1]"}” https://login.eveonline.com/oauth/token
- Make a request against login.eveonline.com in a CMD window
curl -XGET -H “Authorization: Bearer [authorization token]” https://login.eveonline.com/oauth/verify
which returns
{“CharacterID”:999999999,“CharacterName”:“Player1”,“ExpiresOn”:“2021-05-19T15:58:11”,“Scopes”:“esi-markets.structure_markets.v1”,“TokenType”:“Character”,“CharacterOwnerHash”:“[hash]”,“IntellectualProperty”:“EVE”}
- I then want to refresh the token by running this in a CMD window:
curl -XPOST --header “Accept: application/json” -H “Content-Type:application/x-www-form-urlencoded” -H “Authorization:Basic [Base64 encrypted clientID:secret string ending in ==]” -d “grant_type=refresh_token&refresh_token=[access token returned from step 2]” https://login.eveonline.com/oauth/token
but this command returns
{“error”:“invalid_request”,“error_description”:“The refresh token is malformed.”}
Clearly the syntax of the command in step 4 is wrong somehow, but I can’t figure it out. Can anyone help?