
How to get a forever token using OAuth1?


I sell products online through a website I wrote. To manage my fulfilment flow, when a purchase is made I want my app to automatically create a card on a Trello board.

I've managed to do everything okay except that after a few minutes the token that I was using expires, even though I thought I had created a token that would never expire.

I can't manually authenticate every time an order comes in.

Here's the code I've written to generate tokens (OAuth1).

Step 1 (one time): Get a manually authorized resource owner key, resource owner secret, and verifier.

import requests
from requests_oauthlib import OAuth1Session
oauth = OAuth1Session(CLIENT_KEY, client_secret=CLIENT_SECRET)
fetch_response = oauth.fetch_request_token(REQUEST_TOKEN_URL)
resource_owner_key = fetch_response.get('oauth_token')
resource_owner_secret = fetch_response.get('oauth_token_secret')

print(f'resource_owner_key: {resource_owner_key}')
print(f'resource_owner_secret: {resource_owner_secret}')
auth_url = oauth.authorization_url(AUTHORIZE_TOKEN_URL, scope='read,write', expiration='never') # expiration never
print(auth_url)
# Now manually authenticate in browser using this URL. Record resource owner key, secret and verifier

Step 2 (every time): Use resource owner key, resource owner secret, and verifier to generate a token.

oauth = OAuth1Session(CLIENT_KEY,
                      client_secret=CLIENT_SECRET,
                      resource_owner_key=RESOURCE_OWNER_KEY,
                      resource_owner_secret=RESOURCE_OWNER_SECRET,
                      verifier=VERIFIER)
oauth_tokens = oauth.fetch_access_token(ACCESS_TOKEN_URL)
token = oauth_tokens.get('oauth_token')

Step 3: Use token in POST request to make card.

This all works fine for a few minutes, then on trying to use it again I get the error:

requests_oauthlib.oauth1_session.TokenRequestDenied: Token request failed with code 500, response was 'token not found'.

I thought that token would last forever? I can still see under my account details on Trello:

read and write access on all your boards
read and write access on all your teams
Approved: today at 6:30 AM
Never Expires

Solution

  • Solved - I was doing everything right, just that Step 2 should only be done once instead of every time. I thought I had to generate a new token for each new request, but the token generated at the 'token = ' line is actually good to save off and use forever.
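
The fix described in the answer, as an added example that is not part of the original post: run the Step 2 exchange once, keep the resulting `oauth_token` and `oauth_token_secret` in an owner-only file (a token that never expires is a long-lived credential), and reuse them for every later request. The file path and all function names are assumptions; `exchange` is any callable that performs Step 2, for example `lambda: oauth.fetch_access_token(ACCESS_TOKEN_URL)`.

```python
import json
import os

TOKEN_FILE = "trello_access_token.json"  # assumed location, not from the post


def save_tokens(path, tokens):
    """Store the access token pair in a file readable only by its owner."""
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump({k: tokens[k] for k in ("oauth_token", "oauth_token_secret")}, fh)
    os.chmod(path, 0o600)  # tighten the mode if the file already existed


def load_tokens(path):
    """Return the stored token pair, or None if it is missing or incomplete."""
    try:
        with open(path) as fh:
            data = json.load(fh)
    except (FileNotFoundError, json.JSONDecodeError):
        return None
    if not isinstance(data, dict):
        return None
    ok = data.get("oauth_token") and data.get("oauth_token_secret")
    return data if ok else None


def get_access_tokens(path, exchange):
    """Run the one-time Step 2 exchange only when nothing is stored yet."""
    tokens = load_tokens(path)
    if tokens is None:
        save_tokens(path, exchange())
        tokens = load_tokens(path)
    return tokens


def trello_session(client_key, client_secret, tokens):
    """Session that signs each request with the saved access token pair."""
    from requests_oauthlib import OAuth1Session  # imported only when used
    return OAuth1Session(client_key, client_secret=client_secret,
                         resource_owner_key=tokens["oauth_token"],
                         resource_owner_secret=tokens["oauth_token_secret"])
```

The request token and verifier from Step 1 are single-use, which is why repeating the exchange later fails with "token not found" while the stored access token keeps working.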