Strava authentication
=====================


# References
* [GitHub - Strava Data (this project)](https://github.com/data-engineering-helpers/strava-data)
  + [GitHub - Strava Data - `strava-authenticate` notebook (this notebook)](https://github.com/data-engineering-helpers/strava-data/blob/main/ipython-notebooks/strava-authenticate.ipynb)
  + [GitHub - Strava Data - `strava-fetch-and-display-activities` notebook](https://github.com/data-engineering-helpers/strava-data/blob/main/ipython-notebooks/strava-fetch-and-display-activities.ipynb)
  + [GitHub - Doc - Setup/Generate an access token section](https://github.com/data-engineering-helpers/strava-data#generate-an-access-token)


# Authorize the application to use Strava API
* The authorization process has to be done just once every so often
* The user (you, me) has to authorize the application (this application we are building here)
  to use the Strava API. The application is known to Strava API and appears on
  https://www.strava.com/settings/apps. If this is not the case yet, one can easily
  register a new application to use the Strava API (on https://www.strava.com/settings/api)
* Be sure to have the following Strava API details at hand,
  from https://www.strava.com/settings/api:
  + Client ID
  + Client secret
* Save those details as environment variables (_e.g._, in the `~/.bashrc`/`~/.zshrc` file):
```bash
export STRAVA_CLIENT_ID="<the-strava-client-id>"
export STRAVA_CLIENT_SECRET="<the-strava-client-secret>"
export STRAVA_ACCESS_TOKEN="" # empty for now
export STRAVA_REFRESH_TOKEN="" # empty for now
```

## Generate an authorization code with the internet browser
* Get a Strava API authorization code by opening the following link (be careful
  to replace `strava-api-client-id` with your own Strava API client ID,
  which should read something like 1234567):
  + Open http://www.strava.com/oauth/authorize?client_id=strava-api-client-id&response_type=code&redirect_uri=http://localhost/exchange_token&approval_prompt=force&scope=read_all,activity:read_all
  + Click on the Authorize button
  + In the URL of the just opened page (displaying an error), copy the `code`
    value, it corresponds to the Strava API authorization code
* The Strava API authorization code remains valid for a long time (several days).
  You can save it along with other passwords (_e.g._, in a password manager) or in a private
  MS Word/Google Doc/text document.
* The authorization code is then used to generate both:
  + A refresh token, which has roughly the same validity as the authorization code
  + An access token, which itself is valid only for a limited period of time (typically, a few hours).
    That access token may be re-generated as many times as needed thanks to the refresh token.
    The access token is what the Strava API needs to answer to API requests

# Generate an access token
Perform either of the following two tasks

## Generate the access and refresh tokens with the CLI
* To be performed when the refresh token is deprecated or when there is no refresh token yet
* Use cURL on the command-line to create the access code (and the refresh code):
```bash
curl -s -X POST https://www.strava.com/oauth/token -F client_id=$STRAVA_CLIENT_ID -F client_secret=$STRAVA_CLIENT_SECRET -F code=<strava-api-authorization-code> -F grant_type=authorization_code | jq
```

### Store the access and refresh tokens as environment variables
* Store the access and refresh tokens as environment variables:
```bash
export STRAVA_ACCESS_TOKEN="<strava-api-access-token>"
export STRAVA_REFRESH_TOKEN="<strava-api-refresh-token>"
```

## Refresh the access and refresh tokens with the CLI
* Use cURL on the command-line to create the access code (and the refresh code):
```bash
curl -s -X POST https://www.strava.com/oauth/token -F client_id=$STRAVA_CLIENT_ID -F client_secret=$STRAVA_CLIENT_SECRET -F refresh_token=<strava-api-refresh-token> -F grant_type=refresh_token | jq
```

### Store the access token as environment variable
* Store the access token as an environment variable:
```bash
export STRAVA_ACCESS_TOKEN="<strava-api-access-token>"
```