oauthGetAccessToken
The oauthGetAccessToken operation is an API Script operation that is used to facilitate the OAuth authentication flow. To pass the needed inputs to the operation, define the GetOAuthAccessToken stored procedure and, if your data source has a refresh flow, RefreshOAuthAccessToken. The driver can call this internally.
The driver includes stored procedures that invoke this operation to complete the OAuth exchange. The following example schema briefly lists some of the typically required inputs before the following sections explain them in more detail.
For a guide to using the driver to authenticate, see the "Getting Started" chapter.
Creating a GetOAuthAccessToken Stored Procedure
Invoke the oauthGetAccessToken with the GetOAuthAccessToken stored procedure. The following inputs are required for most data sources and will provide default values for the connection properties of the same name.
<api:script xmlns:api="http://www.rssbus.com/ns/rsbscript/2">
<api:info title="GetOAuthAccessToken" description="Obtains the OAuth access token to be used for authentication with various APIs." >
<input name="AuthMode" desc="The OAuth flow. APP or WEB." />
<input name="CallbackURL" desc="The URL to be used as a trusted redirect URL, where the user will return with the token that verifies that they have granted your app access. " />
<input name="OAuthAccessToken" desc="The request token. OAuth 1.0 only." />
<input name="OAuthAccessTokenSecret" desc="The request token secret. OAuth 1.0 only." />
<input name="Verifier" desc="The verifier code obtained when the user grants permissions to your app." />
<output name="OAuthAccessToken" desc="The access token." />
<output name="OAuthTokenSecret" desc="The access token secret." />
<output name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
</api:info>
<!-- Set OAuthVersion to 1.0 or 2.0. -->
<api:set attr="OAuthVersion" value="MyOAuthVersion" />
<!-- Set RequestTokenURL to the URL where the request for the request token is made. OAuth 1.0 only.-->
<api:set attr="OAuthRequestTokenURL" value="http://MyOAuthRequestTokenURL" />
<!-- Set OAuthAuthorizationURL to the URL where the user logs into the service and grants permissions to the application. -->
<api:set attr="OAuthAuthorizationURL" value="http://MyOAuthAuthorizationURL" />
<!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
<api:set attr="OAuthAccessTokenURL" value="http://MyOAuthAccessTokenURL" />
<!-- Set GrantType to the authorization grant type. OAuth 2.0 only. -->
<api:set attr="GrantType" value="CODE" />
<!-- Set SignMethod to the signature method used to calculate the signature of the request. OAuth 1.0 only.-->
<api:set attr="SignMethod" value="HMAC-SHA1" />
<api:call op="oauthGetAccessToken">
<api:push/>
</api:call>
</api:script>
Writing the RefreshOAuthAccessToken Stored Procedure
You can also use oauthGetAccessToken to refresh the access token by providing the following inputs:
<api:script xmlns:api="http://www.rssbus.com/ns/rsbscript/2">
<api:info title="RefreshOAuthAccessToken" description="Refreshes the OAuth access token used for authentication." >
<input name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
<output name="OAuthAccessToken" desc="The authentication token returned." />
<output name="OAuthTokenSecret" desc="The authentication token secret returned. OAuth 1.0 only." />
<output name="OAuthRefreshToken" desc="A token that may be used to obtain a new access token." />
<output name="ExpiresIn" desc="The remaining lifetime on the access token." />
</api:info>
<!-- Set OAuthVersion to 1.0 or 2.0. -->
<api:set attr="OAuthVersion" value="MyOAuthVersion" />
<!-- Set GrantType to REFRESH. OAuth 2.0 only. -->
<api:set attr="GrantType" value="REFRESH" />
<!-- Set SignMethod to the signature method used to calculate the signature of the request. OAuth 1.0 only.-->
<api:set attr="SignMethod" value="HMAC-SHA1" />
<!-- Set OAuthAccessTokenURL to the URL where the request for the access token is made. -->
<api:set attr="OAuthAccessTokenURL" value="http://MyOAuthAccessTokenURL" />
<!-- Set AuthMode to 'WEB' when calling RefreshOAuthAccessToken -->
<api:set attr="AuthMode" value="WEB"/>
<api:call op="oauthGetAccessToken">
<api:push/>
</api:call>
</api:script>
Input Parameters
- OAuthVersion: The OAuth version. The allowed values are 1.0, 2.0. The default value is 1.0.
- AuthMode: The OAuth flow. OAuth 2.0 only. If you choose the App mode, this operation will launch your browser and prompt you to authenticate with your account credentials. Set this parameter to WEB to authenticate a Web app or if the driver is not allowed to open a Web browser. The default value is APP.
- OAuthRequestTokenURL: The URL where the driver makes a request for the request token. OAuth 1.0 only. Required for OAuth 1.0.
- OAuthAuthorizationURL: The URL where the user logs into the service and grants permissions to the application. In OAuth 1.0, if permissions are granted the request token is authorized.
- OAuthAccessTokenURL: The URL where the request for the access token is made. In OAuth 1.0, the authorized request token is exchanged for the access token.
- CallbackURL: The URL to be used as a trusted redirect URL, where the user will return with the token that verifies that they have granted your app access. This value must match the callback URL you specify when you register an app. Note that your data source may additionally require the port.
- OAuthClientId: The client Id obtained when you register an app. Also called a consumer key.
- OAuthClientSecret: The client secret obtained when you register an app. Also called a consumer secret.
- OAuthAccessToken: The request token. OAuth 1.0 only.
- OAuthAccessTokenSecret: The request token secret. OAuth 1.0 only.
- OAuthRefreshToken: A token that may be used to obtain a new access token.
- GrantType: Authorization grant type. OAuth 2.0 only. The allowed values are CODE, PASSWORD, CLIENT, REFRESH. The default value is CODE.
- Verifier: The verifier code obtained when the user grants permissions to the driver. In the OAuth 2.0 code grant type, the verifier code is located in the code query string parameter of the callback URL. In OAuth 1.0, the verifier is located in the oauth_verifier query string parameter of the callback URL.
- SignMethod: The signature method used to calculate the signature for OAuth 1.0. The allowed values are HMAC-SHA1, PLAINTEXT. The default value is HMAC-SHA1.
- Cert: Path for the PFX personal certificate file. OAuth 1.0 only.
- CertPassword: Personal certificate password. OAuth 1.0 only.
- OtherOptions: Other options to control the behavior of OAuth.
- OAuthParam:*: Other parameters.
- PostData: The HTTP POST data.
- Timeout: The timeout, in seconds, for the operation to complete. Zero (0) means no timeout. The default value is 60.
- LogFile: Specifies a file where the request and response are logged.
- Proxy_Auto: Whether or not the proxy should be detected from Windows system settings. This takes precedence over other proxy settings and is not available in Java. The allowed values are TRUE, FALSE. The default value is FALSE.
- Proxy_Server: IP address or host name of the proxy server used for the request.
- Proxy_Port: The port number of the proxy server.
- Proxy_User: The user Id used to authenticate with the proxy server.
- Proxy_Password: The password used to authenticate with the proxy server.
- Proxy_AuthScheme: The authentication scheme of the proxy server. The allowed values are BASIC, DIGEST, PROPRIETARY, NONE, NTLM. The default value is BASIC.
- Proxy_AuthToken: The proxy authentication token.
- Proxy_SSLType: The SSL type of the proxy server. The allowed values are AUTO, ALWAYS, NEVER, TUNNEL. The default value is AUTO.
- Firewall_Type: The type of the firewall. The allowed values are NONE, TUNNEL, SOCKS4, SOCKS5. The default value is NONE.
- Firewall_Server: The IP address or host name of the firewall.
- Firewall_Port: The port number of the firewall.
- Firewall_User: The user Id used to authenticate with the firewall.
- Firewall_Password: The password used to authenticate with the firewall.
Output Parameters
- OAuthAccessToken: The access token.
- OAuthTokenSecret: The access token secret.
- OAuthRefreshToken: A token that may be used to obtain a new access token.
- ExpiresIn: The remaining lifetime on the access token.
- OAuthParam:*: Other parameters sent from the server.