I've successfully obtained an access token using Web Server OAuth Authentication Flow. I'm just wondering what the best process is in the following instance:

1. Attempt to create a new lead in SalesForce using /sobjects/Lead/. 
2. If access_token is valid, the lead is created successfully.
3. If access_token is invalid, get a new one and go back to step 1?

I can do the above no problem but I was previously using username/password OAuth method and decided I need to be using the Web Server OAuth method.

If the access_token is invalid, do I simply have to obtain a new access_token using grant_type=refresh_token and then go back to step 1?
It feels a bit clunky and I was wondering if there was a way to check if the access_token was valid before even attempting step 1.

Any input appreciated greatly.

I have an application using oAuth for authorization. It's been working fine for months. Over the weekend, issues started happening and after digging into it, it appears that while the authorization is successful (response 200 with valid JSON object returned), we're no longer receiving a refresh token after authorization.

 

Here is the oAuth request/response:

REQUEST:
https://login.salesforce.com/services/oauth2/token?grant_type=authorization_code&client_id=[my_app_client_id]&client_secret=[my_app_client_secret]&redirect_uri=[my_app_redirect_url]&code=[the_auth_code_we_receive_during_authorization]

 

RESPONSE:

{

"id":"https://login.salesforce.com/id/00D30000000AAAAAAA/0053000000KKKKKK",
"issued_at":"1328965006241",
"scope":"full",
"instance_url":"https://[my_org].my.salesforce.com",
"signature":"J/YL4wUXF[stuff]ielR+GLrcBuDz/kHOJs3nKNs=",
"access_token":"00D30000000AAAA!AREAQHAQpw[stuff]ABL50MBOQVPsN.TTnrrvN2gAGNsrJHhK3ehSQvYU[stuff]MfqreLBp3eDXMnCNdJRl3"
}

 

This request is supposed to return a request_token parameter with the JSON response -- and it *always* has in the past. Docs here: http://wiki.developerforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com