Geek asks and answers

Tridion UGC Service and oAuth Authentication

I had a problem trying to execute a web request in UGC and authenticate with oAuth. I am making a web request, for example:

WebRequest wr = WebRequest.Create("http://ugc.service/odata.svc/Ratings(Id=200)");
wr.Headers["authorization"] = "OAuth " + auth;

Where auth is my token returned from access_token.svc. According to the documentation, the token returned from the service should look something like this: -

HufXeuUt% 2FYYElA8SYjJOkUkrXxV9dyXRirmKhjW% 2Fb% 2FU% 3D

However, what I return from access_token.svc is more like: -

{"access_token": "client_id% 3dtestuser% 26expiresOn% 3d1361898714646% 26digest% 3d% 2fW% 2fvyhQneZHrm1aGhwOlgLtA9xGWd77hkxWbjmindtM% 3d", "expires_in": 300}

I parsed JSON to extract various lines and tried to pass authorization to them, but all I try is getting an error in the logs - "ERROR Error OAuth2AccessToken - Digest Invalid". What part of the token and in what format should I go through authorization?

Many thanks

John

+5
source share
1 answer

As you mentioned, the protocol is as follows:

  • You send a request to the token endpoint to get the token (you need to specify client_id and your client_secret here as headers or request parameters);

  • You will get an answer similar to this {"access_token":"sometoken","expires_in":300}:; 2.1 It is worth knowing that the token is encoded in url and in UTF-8 format, so on the Java side you need to do URLDecoder.decode("sometoken", "UTF-8");, and on the .NET side you need to do HttpUtility.UrlDecode("sometoken", System.Text.Encoding.UTF8);;

  • . Java builder.header("authorization", "OAuth " + decodedTokenString);, .NET Client.Headers["authorization"] = "OAuth " + DecodedTokenString;

, SharedSecret, cd_webservice_conf.xml(/Configuration/AuthenticationServer/SharedSecret/) TokenAccessPoint, , SharedSecret, cd_ambient_conf.xml(/Configuration/Security/SharedSecret/) (WebService).

, , ? , SharedSecret ?

, .

+5

More articles:


All Articles