oauth

PreviousOfflineDataDescription NextClientAuthentication

Last updated 3 months ago

Was this helpful?

oauth

(plugins.oauth)

Overview

The OAuth plugin simplifies authentication and access to protected resources using OAuth protocols. It supports integration with predefined OAuth providers or custom APIs, enabling secure communication between applications and external services. Core functionalities include creating OAuth services, managing access tokens, and executing authenticated requests.

OAuth services can be configured through the serviceBuilder, which allows the definition of parameters such as client ID, client secret, scope, and state for secure sessions. The service builder also facilitates the integration of callback methods for handling responses. For more specific use cases, developers can build custom APIs by defining authorization and token endpoints, ensuring flexibility for various authentication workflows.

The plugin provides utility methods to streamline the process. It can generate redirect URLs for configuration on provider platforms and manage token extraction from responses. Once authenticated, OAuth services enable the execution of HTTP requests to protected endpoints, supporting various data formats such as JSON and binary. The plugin also facilitates error handling by capturing and relaying issues related to authentication or access requests.

By integrating the OAuth plugin, applications can securely authenticate users, access external APIs, and handle sensitive data interactions while adhering to modern security standards.

Returned Types

,,,,,,,,,,

Methods Summarized

Type

Name

Summary

Create a custom OAuth api builder.

Creates an OAuth service that can be used to obtain an access token and access protected data.

Help method to get the redirect URL which needs to be configured on the OAuth provider application page.

Creates an OAuth service configurator.

Methods Detailed

customApi(authorizationBaseUrl, accessTokenEndpoint)

Create a custom OAuth api builder.

Parameters

Sample

var customApi = plugins.oauth.customApi("https://example.com/oauth2/default/v1/authorize",  //authorization base url
                                        "https://example.com/oauth2/default/v1/token");     //access token endpoint
customApi = customApi.
plugins.oauth.serviceBuilder("0lqd1s0aw...")		//client/application ID
				.clientSecret("bIk6163KHi...")		//client secret
				.state("secret123337")				//anti forgery session state, required by the Facebook api
				.deeplink("deeplink_method")		//OPTIONAL deeplink method name or last part of your redirect URL, see docs
													//if missing, a global method with the name 'deeplink_svy_oauth' will be generated
				.callback(myFunction, 30) 			//see function below, timeout is 30 seconds
				.build(customApi);                  //the custom api created above

function myFunction(result, auth_outcome) {
if (result)
{
		//SUCCESS
		var service = auth_outcome;
		if (service.getAccessToken() == null) return;
		var response = service.executeGetRequest("https://graph.facebook.com/v2.11/me");
		if (response.getCode() == 200) {
			application.output(response.getBody());
			var json = response.getAsJSON();
			application.output("Name is "+json.name);
		}
		else {
			application.output('ERROR http status '+response.getCode());
		}
	else {
		//ERROR
		application.output("ERROR "+auth_outcome);//could not get access token, request timed out, etc..
	}
 }
}

getOAuthService(provider, clientId, clientSecret, scope, state, deeplinkmethod)

Creates an OAuth service that can be used to obtain an access token and access protected data. This method will be deprecated in the following versions, the preferred way is plugins.oauth.serviceBuilder with a callback function.

Parameters

Sample

var clientId = "";
var clientSecret = "";
var scope = null;
var state =  "secret123337";
var callback = "deeplink";
service = plugins.oauth.getOAuthService(plugins.oauth.OAuthProviders.FACEBOOK, clientId, clientSecret, null, state, callback, null)
application.showURL(service.getAuthorizationURL());

function deeplink(a,args) {
  service.setAccessToken(args.code);
  var response = service.executeGetRequest("https://graph.facebook.com/v2.11/me");
  if (response.getCode() == 200) {
  		 application.output(response.getBody());
  		 var json = response.getAsJSON();
  		 application.output("Name is "+json.name);
   }
  else {
    application.output('ERROR http status '+response.getCode());
    }
 }

getUsedRedirectUrl(builder)

Help method to get the redirect URL which needs to be configured on the OAuth provider application page. The url is computed based on what is set on the service builder: deeplink method name, response mode and response type.

Parameters

serviceBuilder(clientID)

Creates an OAuth service configurator.

Parameters

Sample

plugins.oauth.serviceBuilder("0lqd1s0aw...")		//client/application ID
				.clientSecret("bIk6163KHi...")		//client secret
				.defaultScope("email")				//ask permission to get the user email
				.state("secret123337")				//anti forgery session state, required by the Facebook api
				.deeplink("deeplink_method")		//OPTIONAL deeplink method name or last part of your redirect URL, see docs
													//if missing, a global method with the name 'deeplink_svy_oauth' will be generated
				.callback(myFunction, 30) 			//see function below, timeout is 30 seconds
				.build(plugins.oauth.OAuthProviders.FACEBOOK);

function myFunction(result, auth_outcome) {
if (result)
{
		//SUCCESS
		var service = auth_outcome;
		if (service.getAccessToken() == null) return;
		var response = service.executeGetRequest("https://graph.facebook.com/v2.11/me");
		if (response.getCode() == 200) {
			application.output(response.getBody());
			var json = response.getAsJSON();
			application.output("Name is "+json.name);
		}
		else {
			application.output('ERROR http status '+response.getCode());
		}
	else {
		//ERROR
		application.output("ERROR "+auth_outcome);//could not get access token, request timed out, etc..
	}
 }
}

PreviousOfflineDataDescription NextClientAuthentication

Last updated 3 months ago

Was this helpful?