1. Berit Sandvik
  2. PowerBuilder
  3. Friday, 7 June 2024 07:09 AM UTC

Hi all,

In order to communicate using Rest API to an external company, we log on using the WebBrowser control in PB and when authenticated we receive a code that has to be exchanged to an access token using Oauth2.

The plan was to use the OAuthClient and TokenRequest objects to achieve this, but there is no parameter in the TokenRequest where we can put the code that needs to be exchanged to an access token.

Any ideas on how to solve this?

Regard Berit

 

Mark Lee @Appeon Accepted Answer Pending Moderation
  1. Monday, 10 June 2024 04:59 AM UTC
  2. PowerBuilder
  3. # 1

Hi Berit,

Could you please test it in Postman first? I am not sure about the parameters in your TokenRequest. I suggest you provide us with a screenshot of the test in Postman for reference and analysis.
You can refer to the following link about how to use OAuth 2.0 authorization

https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html#d0e14799
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html#d0e14833

 

Regards,

 

Comment
There are no comments made yet.
Berit Sandvik Accepted Answer Pending Moderation
  1. Tuesday, 11 June 2024 11:13 AM UTC
  2. PowerBuilder
  3. # 2

Hi Mark,

Thank you for replying. This is the setup in Postman:

Comment
  1. Berit Sandvik
  2. Tuesday, 11 June 2024 11:32 AM UTC
Hi Miguel,

Thank you for answering.



It works in Postman, but not in PowerBuilder.



Best regards Berit
  1. Helpful
  1. Berit Sandvik
  2. Tuesday, 11 June 2024 11:48 AM UTC
This statement:

ltr_response.getStatusCode() returns 400. What does that mean? I can not find any documentation on this.

  1. Helpful
  1. Berit Sandvik
  2. Tuesday, 11 June 2024 12:02 PM UTC
Note that the code received from the authentication request is the is_altinn_code variable. This is ANSIEncoded and added as a parameter to the tokenRequest:

ltr_Request.AppendParam( "code", ls_code )
  1. Helpful
There are no comments made yet.
Berit Sandvik Accepted Answer Pending Moderation
  1. Tuesday, 11 June 2024 11:20 AM UTC
  2. PowerBuilder
  3. # 3

This is the code in PowerBuilder:

// example from https://docs.appeon.com/pb2019r3/application_techniques/ch04s08.html
String ls_id, ls_secret, ls_Scope//, ls_Redirect
String ls_Body, ls_code, ls_Url_code, ls_AccessToken, ls_temp, ls_type, ls_description, ls_uri, ls_state
Integer li_rtn
OAuthClient loa_Client
TokenRequest ltr_Request
TokenResponse ltr_Response
OAuthRequest loa_Request
ResourceResponse lrr_Response
CoderObject lco_Code
Blob lb_data

lco_Code = Create CoderObject
loa_Client = Create OAuthClient

//Step 1: Get the authorization code
ls_code = is_altinn_code
If Len ( ls_code ) < 1 Then Return
lb_data = lco_Code.Urldecode( ls_code)
ls_code = String ( lb_data,EncodingANSI!)

//Step 2: Get the RESTful Server token
ltr_Request.ClearHeaders()
ltr_Request.tokenlocation = "https://test.idporten.no/token"
ltr_Request.SetHeader("Content-Type","application/x-www-form-urlencoded")
ltr_Request.Method = "POST"
ltr_Request.granttype = "authorization_code"
ltr_Request.clientid = is_client_id
ltr_Request.clientsecret = is_client_secret
ltr_Request.Scope = is_scope

ltr_Request.ClearParams()
//ltr_Request.AppendParam( "grant_type","authorization_code")
//ltr_Request.AppendParam( "client_id", is_client_id )
//ltr_Request.AppendParam( "client_secret", is_client_secret )
//ltr_Request.AppendParam( "scope", is_scope )
ltr_Request.AppendParam( "code", ls_code )
ltr_Request.AppendParam( "redirect_uri", is_redirect_url ) // what should this be??

li_rtn = loa_Client.AccessToken( ltr_Request, ltr_Response )
If li_rtn = 1 Then
ls_AccessToken = ltr_Response.GetAccessToken ( ) // Empty
messagebox("token", ls_accessToken)
ls_temp = string(ltr_response.getStatusCode()) // Empty
ls_temp = ltr_response.getStatusText() // Empty
li_rtn = ltr_response.getTokenError(ls_type, ls_Description, ls_uri, ls_state) // Empty

//Step 3: Get the RESTful Server resource
// If Len(ls_AccessToken) > 0 Then
// loa_Request.SetAccessToken (ls_AccessToken)
// loa_Request.Method = "GET"
// loa_Request.Url = "https://www.googleapis.com/oauth2/v1/tokeninfo" // what should this be???
// li_rtn = loa_Client.requestresource( loa_Request, lrr_Response )
// If li_rtn = 1 Then
// lrr_Response.GetBody(ls_Body)
// MessageBox ( "Tips", ls_Body )
// End If
// End If
End If

Comment
There are no comments made yet.
Mark Lee @Appeon Accepted Answer Pending Moderation
  1. Wednesday, 12 June 2024 06:02 AM UTC
  2. PowerBuilder
  3. # 4

Hi Berit,

Thanks for providing the screenshot.
For the Authorization Code grant type, you need to use a popup window to receive the code. If you don’t have values like the redirect_uri, you can ignore it.
You can refer to the following link for the details.
https://docs.appeon.com/pb2022r3/application_techniques/ch04s08s01.html

Code example:

String ls_id, ls_secret, ls_Scope, ls_Redirect
String ls_Body, ls_code, ls_Url_code, ls_AccessToken
Integer li_rtn
OAuthClient loa_Client
TokenRequest ltr_Request
TokenResponse ltr_Response
OAuthRequest loa_Request
ResourceResponse lrr_Response
CoderObject lco_Code
Blob lb_data

lco_Code = Create CoderObject
loa_Client = Create OAuthClient

ls_id = "434849452875-6905f1g9rjiargcnqut06afmnn0b0fp7.apps.googleusercontent.com"
ls_secret = "E1b7RsBxZWKq_yrl-kbfONF5"
ls_Scope = "https://www.googleapis.com/auth/youtube"
ls_Redirect = "https://www.appeon.com/callback"

//Step 1: Get the authorization code
ls_Url_code = "https://accounts.google.com/o/oauth2/auth?client_id=" + ls_id + "&redirect_uri=" + ls_Redirect +"&scope=" + ls_Scope + "&response_type=code"
OpenWithParm ( w_webbrowser,ls_Url_code )
ls_code = Message.Stringparm
If Len ( ls_code ) < 1 Then Return
If Pos( ls_code, "code=" ) < 0 Then return
ls_code = Mid ( ls_code, pos(ls_code,"=") + 1)
ls_code = Mid ( ls_code, 1, pos(ls_code,"&") - 1)
lb_data = lco_Code.Urldecode( ls_code)
ls_code = String ( lb_data,EncodingANSI!) 

//Step 2: Get the RESTful Server token
ltr_Request.tokenlocation = "https://accounts.google.com/o/oauth2/token"
ltr_Request.Method = "POST"
ltr_Request.granttype = "authorization_code"
ltr_Request.clientid = ls_id
ltr_Request.clientsecret = ls_secret
ltr_Request.ClearParams()
ltr_Request.AppendParam( "grant_type","authorization_code")
ltr_Request.AppendParam( "client_id", ls_id )
ltr_Request.AppendParam( "client_secret", ls_secret )
ltr_Request.AppendParam( "scope", ls_Scope )
ltr_Request.AppendParam( "code", ls_code )
ltr_Request.AppendParam( "redirect_uri", ls_Redirect )
ltr_Request.ClearHeaders()
ltr_Request.SetHeader("Content-Type","application/x-www-form-urlencoded")

li_rtn = loa_Client.AccessToken( ltr_Request, ltr_Response )
If li_rtn = 1 Then
 ls_AccessToken = ltr_Response.GetAccessToken ( )
 //Step 3: Get the RESTful Server resource
 If Len(ls_AccessToken) > 0 Then
  loa_Request.SetAccessToken (ls_AccessToken)
  loa_Request.Method = "GET"
  loa_Request.Url = "https://www.googleapis.com/oauth2/v1/tokeninfo"
  li_rtn = loa_Client.requestresource( loa_Request, lrr_Response )
  If li_rtn = 1 Then
   lrr_Response.GetBody(ls_Body)
   MessageBox ( "Tips", ls_Body )
  End If

 End If
End If

 

Comment
  1. Berit Sandvik
  2. Friday, 14 June 2024 05:40 AM UTC
Hi,

I have implemented this and I get the error code 401 - Unauthorized. I will contact the service vendor and check that the URL I am using is correct.

Thank you for your assistance!
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.