Over the past two days I’ve committed and published a number of updates to the Salesforce Toolkits for .NET worth sharing. But first, a special thanks to Rocky Assad and Delmer Johnson for the contributions they have made to the toolkits over the past couple weeks. It’s fantastic to see such passionate involvement from members of the Salesforce developer community!

There are three updates I’d like to discuss in this post:

  1. Support for refresh tokens
  2. The addition of an “Async” suffix
  3. Updated sample applications

Without futher ado …

I added support for using the refresh token to acquire a fresh access token in the DeveloperForce.Common library and NuGet package. The syntax is really quite simple.

This is a simple operation. The two methods enabling this to work are TokenRefreshAsync and FormatRefreshTokenUrl.

The FormatRefreshTokenUrl method helps to create the URL with all the proper values. It is a public static method, so you can use it independently of TokenRefreshAsync. Of course, TokenRefreshAysnc uses it as well.

Notice that TokenRefreshAsync creates the same AuthToken used by the other authentication methods, so it’s easy to incorporate.

Refresh Token Reminder: The refresh token may have an indefinite lifetime, persisting until explicitly revoked by the end-user. The client application can store the refresh token, using it to periodically obtain fresh access tokens, but should be careful to protect it against unauthorized access, since, like a password, it can be repeatedly used to gain access to the resource server.

While I may not agree with the it, the Task-based Asynchronous Pattern (TAP) is very clear about the naming convention for asynchronous methods. While I believe that async should be the default (and synchronous should be the odd ball) the reality is that this is not the convention for public libraries.

Consequently, all of the methods in the toolkits have been updated to include an Async suffix.

I don’t like introducing changes like this and will strive to keep them to the minimum. Fortunately, this this is simply a naming change and shouldn’t be difficult for you to update.

All of our sample applications have been updated. Make sure to take a look:

In particular, take a look at the Windows 8 OAuth Sample to see how the token refresh is implemented.

I hope you find these updates useful!

comments powered by Disqus