TokenRequest: Exchange code with an access token

Resolved TokenRequest: Exchange code with an access token

How-to

Votes

Undo

Berit Sandvik
PowerBuilder
Friday, 7 June 2024 07:09 AM UTC

Hi all,

In order to communicate using Rest API to an external company, we log on using the WebBrowser control in PB and when authenticated we receive a code that has to be exchanged to an access token using Oauth2.

The plan was to use the OAuthClient and TokenRequest objects to achieve this, but there is no parameter in the TokenRequest where we can put the code that needs to be exchanged to an access token.

Any ideas on how to solve this?

Regard Berit

Responses (4)

Mark Lee @Appeon Accepted Answer Pending Moderation

Wednesday, 12 June 2024 06:02 AM UTC
PowerBuilder
# 1

Hi Berit,

Thanks for providing the screenshot.
For the Authorization Code grant type, you need to use a popup window to receive the code. If you don’t have values like the redirect_uri, you can ignore it.
You can refer to the following link for the details.
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html

Code example:

String ls_id, ls_secret, ls_Scope, ls_Redirect
String ls_Body, ls_code, ls_Url_code, ls_AccessToken
Integer li_rtn
OAuthClient loa_Client
TokenRequest ltr_Request
TokenResponse ltr_Response
OAuthRequest loa_Request
ResourceResponse lrr_Response
CoderObject lco_Code
Blob lb_data

lco_Code = Create CoderObject
loa_Client = Create OAuthClient

ls_id = "434849452875-6905f1g9rjiargcnqut06afmnn0b0fp7.apps.googleusercontent.com"
ls_secret = "E1b7RsBxZWKq_yrl-kbfONF5"
ls_Scope = "https://www.googleapis.com/auth/youtube"
ls_Redirect = "https://www.appeon.com/callback"

//Step 1: Get the authorization code
ls_Url_code = "https://accounts.google.com/o/oauth2/auth?client_id=" + ls_id + "&redirect_uri=" + ls_Redirect +"&scope=" + ls_Scope + "&response_type=code"
OpenWithParm ( w_webbrowser,ls_Url_code )
ls_code = Message.Stringparm
If Len ( ls_code ) < 1 Then Return
If Pos( ls_code, "code=" ) < 0 Then return
ls_code = Mid ( ls_code, pos(ls_code,"=") + 1)
ls_code = Mid ( ls_code, 1, pos(ls_code,"&") - 1)
lb_data = lco_Code.Urldecode( ls_code)
ls_code = String ( lb_data,EncodingANSI!) 

//Step 2: Get the RESTful Server token
ltr_Request.tokenlocation = "https://accounts.google.com/o/oauth2/token"
ltr_Request.Method = "POST"
ltr_Request.granttype = "authorization_code"
ltr_Request.clientid = ls_id
ltr_Request.clientsecret = ls_secret
ltr_Request.ClearParams()
ltr_Request.AppendParam( "grant_type","authorization_code")
ltr_Request.AppendParam( "client_id", ls_id )
ltr_Request.AppendParam( "client_secret", ls_secret )
ltr_Request.AppendParam( "scope", ls_Scope )
ltr_Request.AppendParam( "code", ls_code )
ltr_Request.AppendParam( "redirect_uri", ls_Redirect )
ltr_Request.ClearHeaders()
ltr_Request.SetHeader("Content-Type","application/x-www-form-urlencoded")

li_rtn = loa_Client.AccessToken( ltr_Request, ltr_Response )
If li_rtn = 1 Then
 ls_AccessToken = ltr_Response.GetAccessToken ( )
 //Step 3: Get the RESTful Server resource
 If Len(ls_AccessToken) > 0 Then
  loa_Request.SetAccessToken (ls_AccessToken)
  loa_Request.Method = "GET"
  loa_Request.Url = "https://www.googleapis.com/oauth2/v1/tokeninfo"
  li_rtn = loa_Client.requestresource( loa_Request, lrr_Response )
  If li_rtn = 1 Then
   lrr_Response.GetBody(ls_Body)
   MessageBox ( "Tips", ls_Body )
  End If

 End If
End If

Comment

Berit Sandvik
Friday, 14 June 2024 05:40 AM UTC

Hi,

I have implemented this and I get the error code 401 - Unauthorized. I will contact the service vendor and check that the URL I am using is correct.

Thank you for your assistance!

Helpful 0

There are no comments made yet.

Berit Sandvik Accepted Answer Pending Moderation

Tuesday, 11 June 2024 11:20 AM UTC
PowerBuilder
# 2

This is the code in PowerBuilder:

// example from https://docs.appeon.com/pb2019r3/application_techniques/ch04s08.html
String ls_id, ls_secret, ls_Scope//, ls_Redirect
String ls_Body, ls_code, ls_Url_code, ls_AccessToken, ls_temp, ls_type, ls_description, ls_uri, ls_state
Integer li_rtn
OAuthClient loa_Client
TokenRequest ltr_Request
TokenResponse ltr_Response
OAuthRequest loa_Request
ResourceResponse lrr_Response
CoderObject lco_Code
Blob lb_data

lco_Code = Create CoderObject
loa_Client = Create OAuthClient

//Step 1: Get the authorization code
ls_code = is_altinn_code
If Len ( ls_code ) < 1 Then Return
lb_data = lco_Code.Urldecode( ls_code)
ls_code = String ( lb_data,EncodingANSI!)

//Step 2: Get the RESTful Server token
ltr_Request.ClearHeaders()
ltr_Request.tokenlocation = "https://test.idporten.no/token"
ltr_Request.SetHeader("Content-Type","application/x-www-form-urlencoded")
ltr_Request.Method = "POST"
ltr_Request.granttype = "authorization_code"
ltr_Request.clientid = is_client_id
ltr_Request.clientsecret = is_client_secret
ltr_Request.Scope = is_scope

ltr_Request.ClearParams()
//ltr_Request.AppendParam( "grant_type","authorization_code")
//ltr_Request.AppendParam( "client_id", is_client_id )
//ltr_Request.AppendParam( "client_secret", is_client_secret )
//ltr_Request.AppendParam( "scope", is_scope )
ltr_Request.AppendParam( "code", ls_code )
ltr_Request.AppendParam( "redirect_uri", is_redirect_url ) // what should this be??

li_rtn = loa_Client.AccessToken( ltr_Request, ltr_Response )
If li_rtn = 1 Then
ls_AccessToken = ltr_Response.GetAccessToken ( ) // Empty
messagebox("token", ls_accessToken)
ls_temp = string(ltr_response.getStatusCode()) // Empty
ls_temp = ltr_response.getStatusText() // Empty
li_rtn = ltr_response.getTokenError(ls_type, ls_Description, ls_uri, ls_state) // Empty

//Step 3: Get the RESTful Server resource
// If Len(ls_AccessToken) > 0 Then
// loa_Request.SetAccessToken (ls_AccessToken)
// loa_Request.Method = "GET"
// loa_Request.Url = "https://www.googleapis.com/oauth2/v1/tokeninfo" // what should this be???
// li_rtn = loa_Client.requestresource( loa_Request, lrr_Response )
// If li_rtn = 1 Then
// lrr_Response.GetBody(ls_Body)
// MessageBox ( "Tips", ls_Body )
// End If
// End If
End If

Comment

There are no comments made yet.

Berit Sandvik Accepted Answer Pending Moderation

Tuesday, 11 June 2024 11:13 AM UTC
PowerBuilder
# 3

Hi Mark,

Thank you for replying. This is the setup in Postman:

Comment

Load more comments

Berit Sandvik
Tuesday, 11 June 2024 11:32 AM UTC

Hi Miguel,

Thank you for answering.

It works in Postman, but not in PowerBuilder.

Best regards Berit

Helpful 0

Berit Sandvik
Tuesday, 11 June 2024 11:48 AM UTC

This statement:

ltr_response.getStatusCode() returns 400. What does that mean? I can not find any documentation on this.

Helpful 0

Berit Sandvik
Tuesday, 11 June 2024 12:02 PM UTC

Note that the code received from the authentication request is the is_altinn_code variable. This is ANSIEncoded and added as a parameter to the tokenRequest:

ltr_Request.AppendParam( "code", ls_code )

Helpful 0

There are no comments made yet.

Mark Lee @Appeon Accepted Answer Pending Moderation

Monday, 10 June 2024 04:59 AM UTC
PowerBuilder
# 4

Hi Berit,

Could you please test it in Postman first? I am not sure about the parameters in your TokenRequest. I suggest you provide us with a screenshot of the test in Postman for reference and analysis.
You can refer to the following link about how to use OAuth 2.0 authorization

https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html#d0e14799
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html#d0e14833

Regards,

Comment

There are no comments made yet.

Page :
1

There are no replies made for this question yet.
However, you are not allowed to reply to this question.

Please login to post a reply

You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here. Register Here »

Forgot Password?

Resolved TokenRequest: Exchange code with an access token

Find Questions by Tag