Additional plugins.oauth.OAuthProviders

Questions and answers on developing, deploying and using plugins and JavaBeans

Additional plugins.oauth.OAuthProviders

Postby swingman » Thu Jan 28, 2021 5:23 pm

Hi all,

Is there a way to use the oAuth plugin in Servoy when the service I want to connect to is not listed in plugins.oauth.OAuthProviders?
Or do I have to track the oauth tokens manually using the http plugin?
Christian Batchelor
Certified Servoy Developer
Batchelor Associates Ltd, London, UK
http://www.batchelorassociates.co.uk

http://www.postgresql.org - The world's most advanced open source database.
User avatar
swingman
 
Posts: 1374
Joined: Wed Oct 01, 2003 10:20 am
Location: London

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Fri Sep 10, 2021 7:20 pm

Shame Christian didn't get a reply on this.
I too am now in the position of wanting to connect (nicely) to Sage Cloud (a UK accounts package) that uses OAuth and there isn't a OAuthProvider for it.
How can we go about creating requests for new OAuthProviders, or what can we put in place of that parameter in the ".build" to make something else work?
Thanks
Rafi
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Mon Sep 13, 2021 8:52 am

Hello,
Starting with 2021.09 it is possible to build a custom api:

Code: Select all
var customApi = plugins.oauth.customApi("https://example.com/oauth2/default/v1/authorize",  //authorization base url
                                        "https://example.com/oauth2/default/v1/token")     //access token endpoint
          .withAccessTokenExtractor(plugins.oauth.OAuthTokenExtractors.OpenIdJson);    // other possible extractors: plugins.oauth.OAuthTokenExtractors.OAuth2
                                                                                       // or plugins.oauth.OAuthTokenExtractors.OAuthJson

var builder = plugins.oauth.serviceBuilder(clientid)   //client/application ID
      .clientSecret(secret)      //client secret
      .deeplink("deeplink")
      .callback(callback, 30)
      //.responseType("id_token")
      .state('mystate-1235')
      .scope("openid email");
       service = builder.build(customApi);

    application.output('help redirect url: '+plugins.oauth.getUsedRedirectUrl(builder));
   }
   catch (exception)
   {
      application.output(exception);
   }
}

/**
* TODO generated, please specify type and doc for the params
* @param result
* @param auth_outcome
*
* @properties={typeid:24,uuid:"35B3D11B-8A1F-4CAB-9EB1-CD334B14A1B0"}
*/
function callback(result, auth_outcome) {
   if (result)
   {   
      service = auth_outcome;
      application.output("success: access token "+service.getAccessToken());
      application.output("id token: "+service.getIdToken());
      
      forms.main.controller.show();
   }
   else
   {
      plugins.dialogs.showInfoDialog("error",auth_outcome);
   }
}

emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Mon Sep 13, 2021 9:40 am

emera wrote:Hello,
Starting with 2021.09 it is possible to build a custom api:

Hi emera,
thanks for replying and that looks like great news & a possible solution (in the future), however
1) I was hoping to be able to sort this now
2) I personally have not had a good 'user experience' with 2021.06 (on Mac), with various issues of it not responding until I click on a menu & general slowness [I should probably post something on forum about it ;-) ]
It would be nice if the OAuth plugin was part of the package manager, then maybe we could have used it in an earlier version...
Thanks
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Mon Sep 13, 2021 9:57 am

Servoy 2021.09 rc is released, so it is possible to test it now. The final version will be released at the end of the month.
The OAuth plugin is a java plugin and is shipped with Servoy and it is not part of the web package manager, which contains only angular packages.
Please check the new release and in case you have other issues you can report them at support.servoy.com.
Best regards,
Edit
emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Mon Sep 13, 2021 11:48 am

Hi Edit,
emera wrote:Servoy 2021.09 rc is released, so it is possible to test it now. The final version will be released at the end of the month.

Thanks, I might test it, but it's possible client might need solution sooner...
The OAuth plugin is a java plugin and is shipped with Servoy and it is not part of the web package manager, which contains only angular packages.

I understand, thanks.
Servoy Please check the new release and in case you have other issues you can report them at support.servoy.com.
Best regards,
Edit

Will do.

Thanks
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Mon Sep 13, 2021 11:53 am

Or you can copy the oauth.jar from the rc (application_server/plugins) to the older version.
emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Mon Sep 13, 2021 12:29 pm

emera wrote:Or you can copy the oauth.jar from the rc (application_server/plugins) to the older version.

That is exactly what I was going to try & do :D

Thanks!
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Tue Sep 14, 2021 2:04 pm

Hi Edit,
Thanks (again) for your posts, I have now copied the OAuth plugin from the latest 'rc' to the current version of Servoy & it seems to work...
After some playing around, I think I have now, almost, got it working.
I had been using 'Postman' to do testing before moving to Servoy coding for call & I am now seeing an error that I get in Postman if I have the request 'Client Authentication' set as
"Send as Basic Auth header"
Postman Header.png
Header
Postman Header.png (12.29 KiB) Viewed 606 times

but when I have it set as
"Send client credentials in body"
Postman Body.png
Body
Postman Body.png (12.38 KiB) Viewed 606 times

it works!
So, how can I make the plugin use the 2nd way??
My code is
Code: Select all
   var customApi = plugins.oauth.customApi("https://www.sageone.com/oauth2/auth/central",
                                 "https://oauth.accounting.sage.com/token")
    .withAccessTokenExtractor(plugins.oauth.OAuthTokenExtractors.OAuthJson);

   var builder = plugins.oauth.serviceBuilder(sage_auth_clientId)
   .additionalParameters({'filter': 'apiv3.1', 'grant_type': 'authorization_code'})
   .clientSecret(sage_auth_clientSecret)
   .responseType("code")
   .scope(sage_auth_scope)
   .state(sage_auth_state)
   .callback(scopes.auth.deeplinkSage, 30)
   .build(customApi);


(I couldn't seem to see anything in the plugin options...)

Thanks!
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Tue Sep 14, 2021 3:17 pm

Hello,

The client id and secret are already sent as body parameters, because the default http method to get the access token is POST.

'grant_type': 'authorization_code' is not needed as an additional parameter, it is added automatically.
.responseType("code") is also the default

I see that the deeplink method name is missing, then the last part of your redirect url is "deeplink_svy_oauth" (please check the docs of builder.deeplink())
Did you configure in your app the redirect url to end with deeplink_svy_oauth (where you also have the client id and secret)?

What error do you get when running your code?

Or do you want to use the client credentials grant type? That is not implemented by the plugin.
emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Wed Sep 15, 2021 12:31 pm

Hi Edit,
The client id and secret are already sent as body parameters, because the default http method to get the access token is POST.

Ok, but it still doesn't seem to be working...
The client id and secret are already sent as body parameters, because the default http method to get the access token is POST.
'grant_type': 'authorization_code' is not needed as an additional parameter, it is added automatically.
.responseType("code") is also the default

I removed those, no change...
I see that the deeplink method name is missing, then the last part of your redirect url is "deeplink_svy_oauth" (please check the docs of builder.deeplink())
Did you configure in your app the redirect url to end with deeplink_svy_oauth (where you also have the client id and secret)?

I am not specifying a 'deeplink' & have configured app with the deeplink_svy_oauth at the end (& this is how I got the Intuit QuickBooks OAuth to work)
What error do you get when running your code?

Code: Select all
ERROR plugin.oauth - Could not set the oauth code {"error":"invalid_client","error_description":"Parameter 'client_id' and/or 'client_secret' are invalid."} com.github.scribejava.core.model.OAuth2AccessTokenErrorResponse: {"error":"invalid_client","error_description":"Parameter 'client_id' and/or 'client_secret' are invalid."}
   at com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor.generateError(OAuth2AccessTokenJsonExtractor.java:75) ~[scribejava-core.jar:?]
   at com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor.extract(OAuth2AccessTokenJsonExtractor.java:46) ~[scribejava-core.jar:?]
   at com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor.extract(OAuth2AccessTokenJsonExtractor.java:16) ~[scribejava-core.jar:?]
   at com.github.scribejava.core.oauth.OAuth20Service.sendAccessTokenRequestSync(OAuth20Service.java:39) ~[scribejava-core.jar:?]
   at com.github.scribejava.core.oauth.OAuth20Service.getAccessToken(OAuth20Service.java:73) ~[scribejava-core.jar:?]
   at com.github.scribejava.core.oauth.OAuth20Service.getAccessToken(OAuth20Service.java:68) ~[scribejava-core.jar:?]
   at com.servoy.extensions.plugins.oauth.OAuthService.setAccessToken(OAuthService.java:112) ~[oauth.jar:?]
   at com.servoy.extensions.plugins.oauth.OAuthServiceBuilder.lambda$buildWithCallback$0(OAuthServiceBuilder.java:351) [oauth.jar:?]
   at com.servoy.extensions.plugins.oauth.OAuthServiceBuilder$$Lambda$1093/0x000000001fee1990.run(Unknown Source) [oauth.jar:?]
   at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) [?:?]
   at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) [?:?]
   at java.lang.Thread.run(Unknown Source) [?:?]
ERROR Could not set the oauth code

The last line is from the callback method that is like your code above (I used the sample plugin code)...
Or do you want to use the client credentials grant type? That is not implemented by the plugin.

I don't.

As I mentioned, I got the equivalent error in Postman app when it was configured to send 'Basic Auth Header'...

Thanks

Rafi
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Thu Sep 16, 2021 3:42 pm

Indeed the error message means that Client authentication failed ( client is unknown, no client authentication included, or authentication method is unsupported).
Possible reasons:
No service with the provided clientServiceId was found, which is not the case since it worked in postman
Authorization header was either of invalid format or not passed at all


I added a new method to the custom api builder:
plugins.oauth.customApi("https:......", "https://....").withClientAuthentication(plugins.oauth.ClientAuthentication.Request_Body_AuthenticationScheme)

I sent you a jar for testing as a private message (i built it locally and it doesn't have docs so maybe it's not a good idea to attach it here)
Please let me know if you've got it and if it works for you.
emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Fri Sep 17, 2021 2:05 pm

emera wrote:I added a new method to the custom api builder:
plugins.oauth.customApi("https:......", "https://....").withClientAuthentication(plugins.oauth.ClientAuthentication.Request_Body_AuthenticationScheme)

I sent you a jar for testing as a private message (i built it locally and it doesn't have docs so maybe it's not a good idea to attach it here)
Please let me know if you've got it and if it works for you.

Hi Edit,
Success!!!
That works!
Thank you SO much!
I can get on with writing the rest of the code now ;-)
I hope you can update the plugin with the right bits now & get it out with 2021.09 release (& that it will still work in earlier releases...)
All the best
Rafi
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK

Re: Additional plugins.oauth.OAuthProviders

Postby emera » Fri Sep 17, 2021 2:30 pm

You're welcome! I'm happy it works for you.
Servoy 2021.09 final will contain the fix.
The jar is going to be pretty much the same, but it will also have docs.
emera
 
Posts: 35
Joined: Tue Jun 17, 2014 8:33 am

Re: Additional plugins.oauth.OAuthProviders

Postby rafig » Fri Sep 17, 2021 2:36 pm

emera wrote:You're welcome! I'm happy it works for you.
Servoy 2021.09 final will contain the fix.
The jar is going to be pretty much the same, but it will also have docs.

Thanks ;-)
Great!
Servoy Certified Developer
Image
rafig
 
Posts: 611
Joined: Mon Dec 22, 2003 12:58 pm
Location: Watford, UK


Return to Plugins and Beans

Who is online

Users browsing this forum: No registered users and 3 guests