refresh token logic for expired access tokens

Author: chenderrick

src/server/auth/custom-providers/etsy.ts

@@ -1,5 +1,6 @@
 import { env } from "@/env";
 import type { OAuth2Config, OAuthUserConfig } from "@auth/core/providers";
+import {db} from "@/server/db";
 
 export interface EtsyProfile {
   user_id: number; // The numeric ID of a user. Also a valid shop ID.
@@ -21,7 +22,7 @@ export default function EtsyProvider<P extends EtsyProfile>(
     authorization: {
       url: "https://www.etsy.com/oauth/connect",
       params: {
-        scope: "email_r",
+        scope: "email_r listing_r",
         state: Math.random().toString(36).substring(2, 15),
       },
     },
@@ -63,3 +64,38 @@ export default function EtsyProvider<P extends EtsyProfile>(
     options,
   };
 }
+
+export async function refreshEtsyAccessToken(
+    refreshToken: string,
+    providerAccountId: string
+) {
+  const response = await fetch("https://api.etsy.com/v3/public/oauth/token", {
+    method: "POST",
+    headers: { "Content-Type": "application/x-www-form-urlencoded" },
+    body: new URLSearchParams({
+      grant_type: "refresh_token",
+      client_id: process.env.AUTH_ETSY_ID!, // your app's client_id
+      refresh_token: refreshToken,      // the one you stored
+    }),
+  });
+  if (!response.ok) {
+    throw new Error("Failed to refresh Etsy access token");
+  }
+  const tokens = await response.json();
+
+  await db.account.update({
+    where: {
+      provider_providerAccountId: {
+        provider: "etsy",
+        providerAccountId: providerAccountId,
+      },
+    },
+    data: {
+      access_token: tokens.access_token,
+      refresh_token: tokens.refresh_token,
+      scope: tokens.scope,
+      token_type: tokens.token_type,
+      expires_at: tokens.expires_at,
+    },
+  });
+}

src/toolkits/toolkits/Etsy/tools/getListing/server.ts

@@ -1,6 +1,7 @@
 import type { ServerToolConfig } from "@/toolkits/types";
 import type { getListing } from "./base";
 import { api } from "@/trpc/server";
+import { refreshEtsyAccessToken} from "@/server/auth/custom-providers/etsy";
 
 
 export const getListingServerConfig = (
@@ -16,12 +17,18 @@ export const getListingServerConfig = (
         const userID = account?.providerAccountId;
         const etsyUserId = Number(userID);
         const apiKey = process.env.AUTH_ETSY_ID;
+        const refreshToken = account?.refresh_token;
+        const accessExpiry = account?.expires_at;
+
         if (!apiKey) throw new Error("Missing AUTH_ETSY_ID");
+        if (accessExpiry && refreshToken && userID && (accessExpiry < Date.now() / 1000)) {
+          await refreshEtsyAccessToken(refreshToken, userID);
+        }
+
         const accessToken = account?.access_token;
         if (!accessToken) throw new Error("Missing Etsy access token");
 
 
-
         const shopResponse = await fetch(
           `https://openapi.etsy.com/v3/application/users/${etsyUserId}/shops`,
           {

src/toolkits/toolkits/Etsy/wrapper.tsx

@@ -20,15 +20,14 @@ export const EtsyWrapper: ClientToolkitWrapper = ({ Item }) => {
   const { data: hasAccount, isLoading } =
     api.accounts.hasProviderAccount.useQuery("etsy");
 
-
   const [isAuthRequiredDialogOpen, setIsAuthRequiredDialogOpen] =
     useState(false);
 
   if (isLoading) {
     return <Item isLoading={true} />;
   }
 
-  if (!hasAccount || true) {
+  if (!hasAccount) {
     return (
       <>
         <Item