# Refresh Expired Tokens

As of Socialstream v4.1.0, socialstream will now automatically check and refresh expired access tokens when they're retrieved from the database. To do this, socialstream uses the `client_id` and `client_secret` values stored in your applications services.php config file.

{% hint style="warning" %}
This may slow down your application depending on any delays in the request to the providers OAuth server.
{% endhint %}

This feature is enabled by default, to disable this feature, simply remove it from the `features` array inside your `socialstream.php` config file:

```php
Features::refreshOauthTokens()
```

You may wish to customise the logic behind refreshing an expired token, to do this, you can provide a closure to the `Socialstream::refreshesTokensForProviderUsing()` method from within the `boot` method of your applications `AppServiceProvider`. For example, for GitHub, this would look like the following:

```php
Socialstream::refreshesTokensForProviderUsing('github', function (ConnectedAccount $account) {
    $response = Http::asForm()->post(...);

    return new RefreshedCredentials(
        token: $response['access_token'],
        refreshToken: $response['refresh_token'],
        expiry: now()->addSeconds($response['expires_in']),
    );
});
```

Alternatively, you may provide the method with the FQN of a resolver class. This class must extend the base provider class from either Laravel Socialite, or the Socialite Providers package you are using. For example, if you were to use the `Reddit` provider from [socialiteproviders/reddit](https://github.com/SocialiteProviders/Reddit), you may define a class for refresh Reddit Oauth tokens and use that instead:

```php
<?php

namespace App\RefreshTokenProviders;

use GuzzleHttp\RequestOptions;
use JoelButcher\Socialstream\Concerns\RefreshesOauth2Tokens;
use JoelButcher\Socialstream\Contracts\Oauth2RefreshResolver;
use SocialiteProviders\Reddit\Provider as RedditProvider;

class RedditOauth2RefreshResolver extends RedditProvider implements Oauth2RefreshResolver
{
    use RefreshesOauth2Tokens;

    public function __construct()
    {
        parent::__construct(
            request: request(),
            clientId: config('services.reddit.client_id'),
            clientSecret: config('services.reddit.client_secret'),
            redirectUrl: '',
        );

        $this->guzzle = [
            RequestOptions::AUTH => [$this->clientId, $this->clientSecret],
        ];
    }
}
```

You would then add the following to the `boot` method of your applications `AppServiceProvider`:

```php
Socialstream::refreshesTokensForProviderUsing('reddit', RedditOauth2RefreshResolver::class);
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.socialstream.dev/features/refresh-expired-tokens.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.