• You are here:  
  • Home
  • Q&A
  • Q&A
  • PowerBuilder
  • Problems retrieving an Oauth Token from the server

Subscribe via RSS
Toggle Submenu
  1. Categories
  2. Recent
  3. Tags
View Replies (3)

Resolved Problems retrieving an Oauth Token from the server

  1. How-to
1
Votes
Undo
  1. Miller Rhodes
    Miller Rhodes
  2. PowerBuilder
  3. Friday, 22 April 2022 22:52 PM UTC

The code below is what I decided to go with after reading all of the cases in here and the help.  I am trying to get my token using a client id and secret and then use it to access the data.  

On the Method when I try GET then I get a 200 code but nothing comes back in the Body.  If I use a POST then I get a 401 error.

Basically my  ltr_Response.GetAccessToken()  just returns an empty string.

A developer on our project helped me set up Postman and the API works in Postman but I have no idea what information I can use from there in order to get this to work.

 

 

OAuthClient loac_Client
TokenRequest ltr_Request
TokenResponse ltr_Response
OAuthRequest loar_Request
ResourceResponse lrr_Response
String ls_AccessToken
String ls_Body, ls_type, ls_description, ls_state, ls_uri
Long ll_return

String ls_ClientID, ls_Secret, ls_Url

// Setup the arguments for your token request
ls_Url = "https://login.microsoftonline.com - - -TOKEN URL";
ls_ClientID = "Can't Post My Client Id but its here"
ls_Secret = "This is where my SECREt goes"


// Now do your token request
loac_Client = Create OAuthClient

//Step 1: Get the RESTful server access token.
ltr_Request.ClearParams()
ltr_Request.tokenlocation = ls_Url
ltr_Request.granttype = "client_credentials"

ltr_Request.clientid = ls_ClientID
ltr_Request.clientsecret = ls_Secret

ltr_Request.Method = "POST"
ltr_Request.secureprotocol = 0

ltr_Request.scope = "api://gms-d-reckon-claims-api/.default"
ltr_Request.granttype = "client_credentials"


ll_Return = loac_Client.AccessToken( ltr_Request, ltr_Response )

If ll_Return = 1 then
// The Actual Http Call was successful
long ll_ResponseStatusCode
string ls_ResponseStatusText
ll_ResponseStatusCode = ltr_Response.GetStatusCode()
ls_ResponseStatusText = ltr_Response.GetStatusText()
ltr_Response.GetBody(ls_Body)

if ll_ResponseStatusCode = 200 Then
// The Token Request was successful
ls_AccessToken = ltr_Response.GetAccessToken()
MessageBox('Token', ls_AccessToken)
else
// The Token Request returned an error. This displays the actual html returned
MessageBox('Token Error', string(ll_ResponseStatusCode) + ' ' + ls_ResponseStatusText + '~r~n' + ls_Body)

// You can have a look at this function. When the secret is wrong ls_type returns "invalid_client"
ll_Return = ltr_Response.GetTokenError(ls_type, ls_description, ls_uri, ls_state)
MessageBox( "AccessToken Failed", "Return :" + String ( ll_return ) + "~r~n" + ls_type )
end if
Else
// The Actual Http Call was unsuccessful
MessageBox( "AccessToken Call Failed", "Return :" + String ( ll_return ))

// From help file the error will be one of the following:
// -1 -- A general error occurred
// -2 -- Invalid URL
// -3 -- Cannot connect to the Internet
// -4 -- Timeout
End If

If IsValid ( loac_Client ) Then DesTroy ( loac_Client )

 

Rounded Command Button
Cell padding in grid datawindows
Responses (3)
Jim Nesbitt
Jim Nesbitt Accepted Answer Pending Moderation
  1. Wednesday, 10 May 2023 15:29 PM UTC
  2. PowerBuilder
  3. # 1

Hi Miller

Thanks so much for posting your solution - we hit the exact same issue. Fortunately, I found ypu quickly. We followed the steps described in PowerBuilder help which are excellent. Our code was pretty much the same as yours except for the line in bold.

If li_Return = 1 and ltr_Response.GetStatusCode () = 200 Then
ls_TokenType = ltr_Response.gettokentype( )
ls_AccessToken = ltr_Response.GetAccessToken()
//Application Set Authorization Header
Getapplication().SetHttpRequesTheader("Authorization", ls_TokenType + " " +ls_AccessToken, true)
//Set Global Variables
gl_Expiresin = ltr_Response.getexpiresin( )

li_rtn = 1
Else
li_Return = ltr_Response.GetTokenError(ls_type, ls_description, ls_uri, ls_state)
MessageBox( "AccessToken Error", "Error is: " + String ( li_Return ) + "~r~n" + ls_description )
End If
https://docs.appeon.com/ps2022/Azure_Active_Directory.html

Our response was a message stating the secret had expired (probably to provide as little info as possible to hackers) rather than invalid secret.

The docs example escapes 3 tildes in the demo secret. If it had mentioned this, it would have been perfect. I knew about tildes in literals, but didn't cotton on.

ltr_Request.clientsecret = "2ig8hfliVu.u1kl_79RbyZuh~~.X_b~~e~~3M"

Kudos to you

Cheers

Jim 

 

Comment
There are no comments made yet.
Jim Reese
Jim Reese Accepted Answer Pending Moderation
  1. Friday, 5 May 2023 15:52 PM UTC
  2. PowerBuilder
  3. # 2

We've been banging our heads for days trying to get OAUTH to work, and it all came down to the tilde in our client secret string.

THANK YOU MILLER FOR POSTING YOUR COMMENT!

Comment
Miller Rhodes
  1. Miller Rhodes
  2. Friday, 5 May 2023 21:44 PM UTC
You bet. No detail is too small
  1. Helpful 1
There are no comments made yet.
Miller Rhodes
Miller Rhodes Accepted Answer Pending Moderation
  1. Tuesday, 26 April 2022 16:13 PM UTC
  2. PowerBuilder
  3. # 3

Hello. I actually figured this out myself

 

1. ltr_Request.scope = "api://gms-d-reckon-claims-api/.default"  - This actually needs to be encoded

2. I had a " ~ " in my client secret and that is an escape character in Powerbuilder so it was getting removed when I put it into a string variable. I had to change it to " ~~"  in order to get the tilde to remain

3. This needs to be part of the Request Header -  ltr_Request.SetHeader('Content-Type', 'application/x-www-form-urlencoded')

Comment
Armeen Mazda @Appeon
  1. Armeen Mazda @Appeon
  2. Tuesday, 26 April 2022 16:47 PM UTC
Thanks for sharing the solution!
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.