I'm trying to generate Authorization code in Jmeter with Oauth PKCE flow could'nt extract code any thoughts here would be helpful.
Refer your application documentation as the implementations might be different.
Some parameters cannot be "extracted", i.e. you need to know your client_id beforehand.
Some parameters needs to be generated, if no documentation is available you can use i.e. Call Your API Using the Authorization Code Flow with PKCE which contains comprehensive explanation and example code snippets for creating code_verifier and code_challenge
Example code for code_verifier generation:
import java.security.SecureRandom;
SecureRandom sr = new SecureRandom();
byte[] code = new byte[32];
sr.nextBytes(code);
String verifier = Base64.getUrlEncoder().withoutPadding().encodeToString(code);
log.info('code_verifier: ' + verifier)
vars.put('verifier', verifier)
Example code for code_challenge
import java.security.MessageDigest
import org.apache.commons.codec.binary.Base64
byte[] bytes = vars.get('verifier').getBytes("US-ASCII");
MessageDigest md = MessageDigest.getInstance("SHA-256");
md.update(bytes, 0, bytes.length);
byte[] digest = md.digest();
String challenge = Base64.encodeBase64URLSafeString(digest);
log.info('code_challenge: ' + challenge)
The code can be invoked from the JSR223 Test Elements using Groovy as the language
Related
Is there a way to parse xml in docusign? And if so, how does this work? I do not find any user guide or something like this.
Thank you for your support
I would recommend that you use the REST API. the SOAP API is very old and not actively being worked on.
To retrieve values from a DocuSign "form" (we call it an envelope) you can use the following code example:
Here is a C# snippet, you get back at the end JSON with all the form data.
// Step 1: Obtain your OAuth token
var accessToken = RequestItemsService.User.AccessToken; // Represents your {ACCESS_TOKEN}
var accountId = RequestItemsService.Session.AccountId; // Represents your {ACCOUNT_ID}
var envelopeId = RequestItemsService.EnvelopeId;
// Step 2: Construct your API headers
var config = new Configuration(new ApiClient(basePath));
config.AddDefaultHeader("Authorization", "Bearer " + accessToken);
// Step 3: Call the eSignature REST API
EnvelopesApi envelopesApi = new EnvelopesApi(config);
EnvelopeFormData results = envelopesApi.GetFormData(accountId, envelopeId);
I'm trying to use Google OAuth with Sign in & Sign Up for my Web Server Application.
This is the page : https://developers.google.com/identity/sign-in/web/backend-auth that I have referenced, but I am stuck in using the Google Client API, the TokenVerifier that is mentioned below in the document. I tried to find some examples, but I couldn't find one, as I am not sure how to handle the parameters in the methods that the sample shows.
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken.Payload;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier;
...
GoogleIdTokenVerifier verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory)
.setAudience(Arrays.asList(CLIENT_ID))
.build();
// (Receive idTokenString by HTTPS POST)
GoogleIdToken idToken = verifier.verify(idTokenString);
if (idToken != null) {
Payload payload = idToken.getPayload();
if (payload.getHostedDomain().equals(APPS_DOMAIN_NAME)
// If multiple clients access the backend server:
&& Arrays.asList(ANDROID_CLIENT_ID, IOS_CLIENT_ID).contains(payload.getAuthorizedParty())) {
System.out.println("User ID: " + payload.getSubject());
} else {
System.out.println("Invalid ID token.");
}
} else {
System.out.println("Invalid ID token.");
}
For example, I know what these CLIENT_ID, ANDROID_CLIENT_ID, IOS_CLIENT_ID parameters mean in the sample code(in the reference page), but the server only receives id_token, which is basically a String Text. (That was made by the google api in the client-side, the javascript)
So, I do not have these parameter values passed to the server from the client. I know that google shows another way: the tokeninfo endpoint, but they mentioned that it is for only 100user/month only. (If I translated it correctly) However, for the tokeninfo endpoint way, they return the JSON file of containing client ids, which I think that would be the values for the parameters that I mentioned before, but I do not want to use the token info endpoint method.
So, my question is, how do I get the right parameter values for the sample code that is showed in the google document page? I only receive id_token value from the client.
ANDROID_CLIENT_ID or IOS_CLIENT_ID should be hard coded (in a config file) in your server's code.
Essentially your server is getting an id_token in a request and you need to make sure if it is meant for your app or server by checking the audience in there and making sure it matches one of the values you are expecting.
I am stuck with the oauth1 migration to oauth2. I don't want to ask my users to grant contact access again, so I prefer to do migration myself but I am getting hard time figuring out why it doesn't work.
I'm getting this error from Google server:
DEBUG - << " "error" : "invalid_request",[\n]"
DEBUG - << " "error_description" : "Invalid authorization header."[\n]"
here is my code, I did almost the same thing when consuming google api, but for migration it is not working.
GoogleOAuthParameters oauthParameters = new GoogleOAuthParameters();
oauthParameters.setOAuthConsumerKey(getConsumerKey());
oauthParameters.setOAuthConsumerSecret(getConsumerSecret());
oauthParameters.setOAuthToken(token);
ClassPathResource cpr = new ClassPathResource("mykey.pk8");
File file = cpr.getFile();
PrivateKey privKey = getPrivateKey(file);
OAuthRsaSha1Signer signer = new OAuthRsaSha1Signer(privKey);
GoogleOAuthHelper oauthHelper = new GoogleOAuthHelper(signer);
String requestUrl = "https://www.googleapis.com/oauth2/v3/token";
String header = oauthHelper.getAuthorizationHeader(requestUrl, "POST", oauthParameters);
String payload = "grant_type=urn:ietf:params:oauth:grant-type:migration:oauth1&client_id="+com.app.framework.utils.OAuthHelper.OAUTH2_CLIENT_ID+"&client_secret="+com.app.framework.utils.OAuthHelper.OAUTH2_CLIENT_SECRET;
HttpClient httpClient = new DefaultHttpClient();
HttpPost httpPost = new HttpPost(requestUrl);
httpPost.addHeader("Authorization", header);
httpPost.addHeader("Content-Type", "application/x-www-form-urlencoded");
httpPost.setEntity(new ByteArrayEntity(payload.getBytes()));
String response = httpClient.execute(httpPost, new BasicResponseHandler());
After some emails exchange with #Miguel, he successfully points me to the solution.
The issue:
The OAuthHelper that GoogleOAuthHelper extends uses TwoLeggedOAuthHelper to build the base_string. The TwoLeggedOAuthHelper was not injecting 3 required parameters: client_id, client_secret and the grant_type in the base_string.
The solution:
I had to create my own classes: copy/paste code from OAuthHelper to MyOAuthHelper and from TwoLeggedOAuthHelper to MyTwoLeggedOAuthHelper. You need some declarations from GoogleOAuthHelper to resolve compilation errors.
MyOAuthHelper will call MyTwoLeggedOAuthHelper instead of TwoLeggedOAuthHelper.
Now in MyTwoLeggedOAuthHelper, around line 79, locate the
String baseString = OAuthUtil.getSignatureBaseString(baseUrl,
httpMethod,…
and add the following:
String clientId = "client_id%3DXXX123456789XXX.apps.googleusercontent.com%26";
String clientSecret = "client_secret%3DXXXX_XXXX_XX_XX%26";
String grantType = "grant_type%3Durn%253Aietf%253Aparams%253Aoauth%253Agrant-type%253Amigration%253Aoauth1%26";
baseString = StringUtils.replace(baseString, "token&", "token&" + clientId + clientSecret + grantType);
Some notes:
client_id and client_secret must be the one your backend used to get the OAUTH1 access token. Be careful with that especially if you have multiple "Client ID for web application" defined in your Google console.
Notice the crazy grant_type encoded twice.
The Google classes used are located in maven: com/google/gdata/core/1.47.1/core-1.47.1.jar
Kudos to #Miguel
Your request is failing signature verification. Please check out the responses to this related question for detailed instructions on how to construct the base string for your request and sign it.
Hope that helps!
I want to do application(Play 2) to application(Spring) Private API call that is secured by OAuth 1.X. How can I do that in Play 2 framework? Following this example I was able to invoke the service in 3 legged way. What changes I should make to switch to 2 legged way?
I had a similar problem and found Steven Phung's gist on github:
def doRequest(key: String, secret: String) {
val ck = ConsumerKey(key, secret)
val calc = OAuthCalculator(ck, RequestToken("", ""))
calc.setSendEmptyTokens(true)
WS.url(endpoint).sign(calc).get.map(response => {
println(response.json)
})
}
This code snippet assumes that you have empty request token key and secret. If you have a specific token key and secret that you need to provide to calculate the OAuth signature, then you need to provide them as arguments to the constructor of RequestToken.
The classes you need to import can be found in play.api.libs.oauth._.
anyone ever used C# in combination with the library RestSharp and OAuthBase in order get some interaction with LinkedIn?
I'm looking for a working example using these tools to do proper authorization (oAuth 2.0) and to publish a post using the share API on LinkedIn.
So far I've been successful using these tools to obtain valid access tokens (I can use it to obtain profile information for example), but posting via the share API got me stuck on authentication.
Any help would be very much appreciated!!
it turned out to be much simpler than I was thinking.... (doesn't it allways?)
The main point to take into account is: oAuth 2.0 does not require signatures, nonce, timestamps, authorization headers ... none of that.
If you want to post on LinkedIn using the sahres API and using oAuth2.0 ... OAuthbase is not needed.
Simply follow the oauth 2.0 authentication flow as described here:
http://developer.linkedin.com/documents/authentication
And then you can use the following code as a starting point:
var shareMsg = new
{
comment = "Testing out the LinkedIn Share API with JSON",
content = new
{
title = "Test post to LinkedIn",
submitted_url = "http://www.somewebsite.com",
submitted_image_url = "http://www.somewebsite.com/image.png"
},
visibility = new
{
code = "anyone"
}
};
String requestUrl = "https://api.linkedin.com/v1/people/~/shares?oauth2_access_token=" + accessToken;
RestClient rc = new RestClient();
RestRequest request = new RestRequest(requestUrl, Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("x-li-format", "json");
request.RequestFormat = DataFormat.Json;
request.AddBody(shareMsg);
RestResponse restResponse = (RestResponse)rc.Execute(request);
ResponseStatus responseStatus = restResponse.ResponseStatus;
Happy coding!!