Hi everyone 
I wrote a python script using the official python wrapper for the asana API. Authentication and all the others things i planed to do are working very well, but when my token expires after 60 minutes I struggle to detect that. Is there a method to check if authentication is still valid?
client.session.authorized
Seems not to be updated when the 60 minutes expire.
Thanks a lot and have a nice day!
Jakob
Hey @Jakob_Developer!
Good question. It looks like our library uses requests-oauthlib, whoâs docs are here: OAuth 2 Workflow â Requests-OAuthlib 1.3.1 documentation
I think the best solution is the third option, automatic refreshing. With our lib in itâs current state, you should be able to do it with something like this:
asana.Client(session.AsanaOAuth2Session(
client_secret="super_secret",
token={'access_token': accessToken},
auto_refresh_url=refresh_url,
token_updater=token_saver
))
Warning: The above code is psudocode, I havenât tested that these are the right params in the right place.
This looks like something we will add to the client library in the future, as having you deal with the refresh logic can be a pain.
In the mean time, if youâd rather just get up and running asap. You can use the try except logic of the first or second options in the link.
Hi @Ross_Grambo just checking, I take it the library hasnât been updated yet to add the refresh logic? Iâm struggling with this myself.
Cheers,
Peter B
Sorry @Peter_Bowmar, I havenât prioritized this yet. I would review a PR if you get it working in the meantime.
I was able to get this working using the following code (Iâm having a little trouble w/formatting):
token[âexpires_inâ] = -10
client = asana.Client.oauth(
client_id = CLIENT_ID,
client_secret = CLIENT_SECRET,
token = token,
auto_refresh_url = TOKEN_EXCHANGE_URL,
auto_refresh_kwargs = {
âclient_idâ: CLIENT_ID,
âclient_secretâ: CLIENT_SECRET,
âredirect_uriâ: REDIRECT_URI
},
redirect_uri = REDIRECT_URI,
token_updater = token_updater,
)
I try that with a token generated from a previous session. If the token doesnât exist, then I prompt the user to authorize the app and save the token for subsequent sessions.
You need to pass the auto_refresh_kwargs so that requests_oauthlib makes the correct POST request to https://app.asana.com/-/oauth_token.
Itâs also important to note that your code has to keep track of the tokenâs moment of expiration and change token[âexpires_inâ] accordingly. The auto refresh is only triggered when that value is negative.
This took me a long time to figure out! Hopefully it helps someone!
I am right now struggling with this. Why is this not part of the python library yet? This should be HIGH priority since many backend applications will need this. I canât believe this is not implemented yet 
Hi asana devs, can this be documented better or you can just give a code snippet?
Do you have to invoke some library function for the auto refresh or just set the token[âexpires_inâ] of the âtokenâ variable in the code to -10 with a scheduled function that does this, say, every 3500 seconds?
Bump.
Still no success with getting a refresh, token, see also my post here:
I would really appreciate some support