Difference between revisions of "Authorization code usecase 1"
Pavel.lobko (talk | contribs) (→Preparations) |
Pavel.lobko (talk | contribs) |
||
| Line 3: | Line 3: | ||
== Preparations == | == Preparations == | ||
The next steps are to be performed before we can compose and execute i2Rest Client command.<br> | The next steps are to be performed before we can compose and execute i2Rest Client command.<br> | ||
| − | :a) Your application should be registered as a client (obtaining Device ID and Device Password) on [https://console.developers.google.com/apis/credentials Google] (see [https://developers.google.com/identity/protocols/oauth2 details]). Make sure Redirection URI matches Bridge | + | :a) Your application should be registered as a client (obtaining Device ID and Device Password) on [https://console.developers.google.com/apis/credentials Google] (see [https://developers.google.com/identity/protocols/oauth2 details]). Make sure your specify Redirection URI that matches i2Rest Bridge endpoint.<br> |
:b) Insure that you have Google SSL CA installed. [[Add_external_CA_to_trust_list |Install it if needed]].<br> | :b) Insure that you have Google SSL CA installed. [[Add_external_CA_to_trust_list |Install it if needed]].<br> | ||
:c) Register your i2Rest Client on your i2Rest Server as a client to enable "bridge mode" by setting up your i2Rest Server [[OAuth2_object|OAuth2 object]]. | :c) Register your i2Rest Client on your i2Rest Server as a client to enable "bridge mode" by setting up your i2Rest Server [[OAuth2_object|OAuth2 object]]. | ||
| Line 28: | Line 28: | ||
SCOPE('https://www.googleapis.com/auth/drive.file') | SCOPE('https://www.googleapis.com/auth/drive.file') | ||
</pre> | </pre> | ||
| − | :to specify Bridge mode parameters obtained on Preparations step (c | + | :to specify Bridge mode parameters obtained on Preparations step (c). |
<pre> | <pre> | ||
AUTHMETHOD(*BRIDGE) | AUTHMETHOD(*BRIDGE) | ||
| Line 57: | Line 57: | ||
</pre> | </pre> | ||
| − | == Authorization code flow | + | == Authorization code flow == |
| + | After the command was executed, I2Rest client starts performing [[Authorization_Code_flow_description|Oauth2 Authorization code flow]]. | ||
i2Rest Client will provide end user with link to follow.<br> | i2Rest Client will provide end user with link to follow.<br> | ||
[[File:Authorization_code_usecase1-1.png|style="padding: 10px"]] | [[File:Authorization_code_usecase1-1.png|style="padding: 10px"]] | ||
Revision as of 15:18, 4 June 2020
The usecase shows how to use I2Rest Client request with Oauth2 Authorization code flow. We will call Google Drive Api in order to get the list of existing files on "i2restexample" user Google Drive.
Contents
Preparations
The next steps are to be performed before we can compose and execute i2Rest Client command.
- a) Your application should be registered as a client (obtaining Device ID and Device Password) on Google (see details). Make sure your specify Redirection URI that matches i2Rest Bridge endpoint.
- b) Insure that you have Google SSL CA installed. Install it if needed.
- c) Register your i2Rest Client on your i2Rest Server as a client to enable "bridge mode" by setting up your i2Rest Server OAuth2 object.
i2Rest Client command composing
So what we need composing i2Rest Client command is:
- to set request method and API endpoint to values that are specified in the API method description (d);
I2REST COMMAND(*Get)
URL('https://www.googleapis.com/drive/v3/files')
- to specify properly configured on Preparations step (b) Certificate_Store to be able to work with SSL secured resource;
DCMCLIENT(MYCLIENT)
- to specify obtained on Preparations step (a) requisites;
AUTHID('677815701888-aj80fure8f1laqd3dqvpqtmlandni5an
.apps.googleusercontent.com')
AUTHPW(tI2ezmVGioGwrGk9K2O23Mv5)
AUTHURL('https://accounts.google.com/o/oauth2/v2/auth
')
TOKENURL('https://oauth2.googleapis.com/token')
SCOPE('https://www.googleapis.com/auth/drive.file')
- to specify Bridge mode parameters obtained on Preparations step (c).
AUTHMETHOD(*BRIDGE)
BRIDGEURL('https://api.i2rest.com:22089/a2d')
BRIDGEID(OAUTH21)
BRIDGEPW(oauth21)
All the necessary parameters are specified, it's time to execute the complete command.
I2REST COMMAND(*GET)
URL('https://www.googleapis.com/drive/v3/files')
OUTPUT(*BOTH)
DCMCLIENT(MYCLIENT)
RECVLOG('/home/btpl/recv.log')
SENTLOG('/home/btpl/sent.log')
AUTHMETHOD(*BRIDGE)
TOKENS('/qsys.lib/qtemp.lib/tokens.usrspc')
AUTHID('1052056765075-qv2u4rgmhs6rgoijpribg64ffvtgdhi
6.apps.googleusercontent.com')
AUTHPW(HDXLMOqhdtnSZ5CfCZBWQOsQ)
AUTHURL('https://accounts.google.com/o/oauth2/v2/auth
')
TOKENURL('https://oauth2.googleapis.com/token')
SCOPE('https://www.googleapis.com/auth/drive.file')
BRIDGEURL('https://api.i2rest.com:22089/a2d')
BRIDGEID(OAUTH21)
BRIDGEPW(oauth21)
Authorization code flow
After the command was executed, I2Rest client starts performing Oauth2 Authorization code flow.
i2Rest Client will provide end user with link to follow.
After entering the Bridge user code end user will be redirect to authorization server.
End user suggested to perform user authentication.
End user suggested to grant access to requested scope.
Now end user is redirected back to i2Rest bridge.
Checking the result!
Here is server response:
Server response (status 200, shown 214 bytes of 214):
{
"kind": "drive#fileList",
"incompleteSearch": false,
"files": [
{
"kind": "drive#file",
"id": "1b-aQhiVeXgAQZVYeftIpuBo2GCvKQzHz",
"name": "i2rest.doc",
"mimeType": "application/msword"
}
]
}
