SumUp API OAuth 2.0 integration in .NET
SumUp offers two ways to authenticate a user in a .NET app.
They are an API key or OAuth 2.0.
In this blog post I will describe the OAuth implementation, because it is a little more complicated.
First, we have to go to the SumUp developer portal and register an account. After that we are ready to implement our solution. For the OAuth implementation I have chosen a NuGet package called IdentityModel.
It has all the calls and constants needed for the authorization code flow and, afterwards, the refresh token flow.
Step 1:
AUTHORIZATION CODE FLOW
In the constructor, initialise a TokenClient with an HttpContext and these parameters:
- Address
- ClientId
- ClientSecret
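After that it is time to write the rest in a method and use the code parameter from the SumUp callback.
// Exchange the authorization code from the callback for tokens.
// RFC 6749 names this grant type "authorization_code".
var response = await _tokenClient.RequestTokenAsync(
    grantType: "authorization_code",
    parameters: new Parameters
    {
        { "code", code },
    });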
In the response we get JSON with this data:
{
    "access_token": "cuz",
    "expires_in": 3600, // Max time
    "refresh_token": "xyz",
    "token_type": "Bearer"
}
This access token is valid for the next hour, so we have to save it carefully to some storage.
It will be our ticket to all the user data that we requested through scopes.
Step 2:
REFRESH TOKEN CODE FLOW
The flow is nearly the same, but now we use a different method, which fetches an access token with the refresh token in place of the authorization code.
What is important is that we need the refresh token from the previous step to get another access token.
var response = await _tokenClient.RequestRefreshTokenAsync(refreshToken);
And that’s all. Simple and elegant.
Next time you will get through the flow easily. Have fun!
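The two steps above leave open how the tokens are kept and when the refresh call is made. The following is an added example, not code from the original post or from IdentityModel: a small in-memory store that records the expiry from expires_in and calls RequestRefreshTokenAsync shortly before the access token runs out. The names SumUpTokenStore, Save, GetAccessTokenAsync and Skew are hypothetical, and it assumes the TokenClient is built from an HttpClient and TokenClientOptions.

```csharp
using System;
using System.Net.Http;
using System.Threading;
using System.Threading.Tasks;
using IdentityModel.Client;

// Hypothetical helper (added example): holds the token set in memory only.
public sealed class SumUpTokenStore
{
    private static readonly TimeSpan Skew = TimeSpan.FromSeconds(60); // refresh a minute early
    private readonly TokenClient _tokenClient;
    private readonly SemaphoreSlim _gate = new SemaphoreSlim(1, 1);
    private string _accessToken, _refreshToken;
    private DateTimeOffset _expiresAt;
    // Endpoint and credentials come from configuration or a secret store, not source code.
    public SumUpTokenStore(HttpClient http, string tokenEndpoint, string clientId, string clientSecret)
    {
        _tokenClient = new TokenClient(http, new TokenClientOptions
        {
            Address = tokenEndpoint,
            ClientId = clientId,
            ClientSecret = clientSecret,
        });
    }
    // Call once with the response from Step 1; also used after each refresh.
    public void Save(TokenResponse response)
    {
        if (response.IsError) // report the error code only, never token values
            throw new InvalidOperationException($"Token request failed: {response.Error}");
        _accessToken = response.AccessToken;
        // Keep the previous refresh token when the server does not return a new one.
        _refreshToken = response.RefreshToken ?? _refreshToken;
        _expiresAt = DateTimeOffset.UtcNow.AddSeconds(response.ExpiresIn);
    }

    // Returns a usable access token; the gate stops concurrent callers refreshing twice.
    public async Task<string> GetAccessTokenAsync()
    {
        await _gate.WaitAsync();
        try
        {
            if (_refreshToken == null)
                throw new InvalidOperationException("No tokens saved; run the authorization code flow first.");
            if (DateTimeOffset.UtcNow >= _expiresAt - Skew)
                Save(await _tokenClient.RequestRefreshTokenAsync(_refreshToken));
            return _accessToken;
        }
        finally { _gate.Release(); }
    }
}
```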