How to setup OAuth2 authentication


Last updated 8 months ago


Setting up and using OAuth2 correctly involves 5 distinct steps:

  • The OAuth2 Server administrator must create OAuth2 credentials for the specific Platform application and provide the following information:

    1. client id

    2. client secret

    3. any "scopes" needed later to access specific protected resources

    4. the access token endpoint (a URL)

    5. the authorization base URL

  • the Platform dev must provide a callback (i.e. a public web service) that the OAuth2 Server invokes at the end of step 3, passing the permanent code, which is valid per user; the OAuth2 Server administrator may have to include this callback in the server configuration; for instance, in the case of Google OAuth, you must include this URL in the web page "Client ID for web application" related to the specific OAuth2 credentials created: Google requires that all callback URLs be defined and authorized. The Platform dev must create a server-side javascript action to be used as the callback, and it must be public, i.e. it includes Platform credentials, for example using api/cmd=..&applicationId=...

  • the user has to generate the permanent code once; to do so, the Platform dev must create a server-side javascript action that generates the "Authorization request" (in the schema above); once that is done, the user can authorize with their personal credentials and the callback will be invoked; the callback contains the permanent code; there should also be application logic to store this permanent code somewhere (e.g. in a database table, one code per user)

  • after the permanent code has been generated, a series of calls to protected web resources can be executed; before doing so, a temporary access token must be created, starting from the permanent code (the "Access token request" described in the schema above); for example, every time the user logs on to the app, their permanent code can be used to generate the access token, which always has an expiration (e.g. an hour); it is up to the application to ensure that the access token is always valid, by regenerating it when needed

  • once the access token has been obtained, it must be included in every subsequent request when accessing protected web resources (the "Resource request" reported in the schema above)

To sum up, these can be the server-side js actions to create:

Server-side js action used by the end user to generate the permanent code, starting from

  • client id

  • client secret

  • access token end point

  • authorization base url

var authUrl = utils.getOAuth2AuthorizationUrl(
    "...", //client id
    "...", // clientSecret,
    "http://myhost/platform/api?cmd=callback&applicationId=...",
    //"http://localhost:8080/wag/oauth2callback", // callback
    "profile", // scope, 
    "https://oauth2.googleapis.com/token", // accessTokenEndpoint for Google, 
    "https://accounts.google.com/o/oauth2/v2/auth" // authorizationBaseUrl for Google
);

When this action is invoked, an authUrl is dynamically generated and should be shown in the web browser window: the user must confirm its content, and behind the scenes the web service provided by Platform (the callback) will be invoked, i.e.

var code = reqParams.code; 
// application logic which saves such code in a table for subsequent requests
// ...

// finally, provide an HTML response to show in the web browser for the user
// for example:
utils.setReturnValue("<html><body>Authorization process completed: you can now close this window.</body></html>");

For example, Google would provide this reqParams content:

{
  "remoteUser":null,
  "code":"...",
  "remoteHost":"0:0:0:0:0:0:0:1",
  "getQueryString":"cmd=callback&applicationId=...&state=...",
  "remotePort":60798,
  "scope":"profile https://www.googleapis.com/auth/userinfo.profile",
  ...
}

The following server-side js action is used to generate a temporary access token, starting from the permanent code:

var access_token = utils.getOAuth2AccessToken(
    "...", //client id
    "...", // clientSecret,
    "...", // callback
    "profile", // scope, it can change according to the OAuth2 server... 
    "...", // accessTokenEndpoint, 
    "...", // authorizationBaseUrl,
    code // code
);

Finally, you can use it in any subsequent resource calls:

var response = utils.sendOAuth2Request(
    "...", //client id
    "...", // clientSecret,
    "...", // callback
    "profile", // scope, 
    "...", // accessTokenEndpoint, 
    "...", // authorizationBaseUrl,
    access_token, // accessToken
    "https://www.googleapis.com/oauth2/v3/userinfo" // an example of resource call
);
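
As an added example (not Platform code and not part of the original page), one way to meet the requirement above that the application keeps the access token valid is a per-user cache that regenerates the token shortly before it expires. The names `createTokenCache`, `exchange` and `ttlSeconds`, and the one-minute renewal margin, are assumptions; in a Platform action, `exchange` would wrap the `utils.getOAuth2AccessToken` call shown earlier.

```javascript
// Added example, not Platform code. exchange(code) is a hypothetical wrapper
// around the utils.getOAuth2AccessToken(...) call; ttlSeconds is an assumed
// token lifetime (the page gives "an hour" as an example).
function createTokenCache(exchange, ttlSeconds, now) {
  var clock = now || function () { return Date.now(); };
  var skewMs = 60 * 1000;             // renew one minute before expiry
  var entries = Object.create(null);  // userId -> { token, expiresAt }

  function getToken(userId, permanentCode) {
    var entry = entries[userId];
    if (entry && clock() < entry.expiresAt - skewMs) {
      return entry.token;             // still valid: reuse
    }
    delete entries[userId];           // expired or absent: drop, then renew
    var token = exchange(permanentCode);
    if (typeof token !== "string" || token.length === 0) {
      // Do not cache a failed exchange and do not echo the code or token.
      throw new Error("access token request failed for user " + userId);
    }
    entries[userId] = { token: token, expiresAt: clock() + ttlSeconds * 1000 };
    return token;
  }

  // Call when a resource request is rejected (e.g. HTTP 401), so the next
  // getToken() requests a fresh token instead of reusing a revoked one.
  function invalidate(userId) {
    delete entries[userId];
  }

  return { getToken: getToken, invalidate: invalidate };
}

// Constructed demonstration: fake exchange function and fake clock.
function demo() {
  var calls = 0, t = 0;
  var cache = createTokenCache(
    function (code) { calls += 1; return "token-" + calls + "-for-" + code; },
    3600,
    function () { return t; }
  );
  var first = cache.getToken("alice", "code-A");
  t = 30 * 60 * 1000;                 // 30 minutes later: cached token reused
  var second = cache.getToken("alice", "code-A");
  t = 59 * 60 * 1000 + 1;             // inside the renewal margin: regenerated
  var third = cache.getToken("alice", "code-A");
  cache.invalidate("alice");          // e.g. after a 401 from the resource
  var fourth = cache.getToken("alice", "code-A");
  return { tokens: [first, second, third, fourth], calls: calls };
}
```

The cache lives in the memory of one server process; a clustered deployment would need a shared store with the same expiry check.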