OAuth and Custom Auth using CLI

Tech Community - Dec 15 '21 - - Dev Community

OAuth is a token-based authentication method that allows the user’s account information to be used by any external service and subsequently provide secure access, without exposing the password. For example, many websites support multiple login methods. One of the login methods you commonly see is logging in through Gmail or logging in through Facebook. This is an example of OAuth. Given below is the basic structure for the OAuth authentication.

webMethods.io Integration’s CLI framework provides built-in OAuth authentication modules for a number of services. You can either use these built-in modules or create custom OAuth authentication modules as per your requirements.

There are two ways to create OAuth authentications:

  1. Using built-in OAuth authentication modules provided by webMethods.io
  2. Creating custom OAuth authentication modules

To use these built-in OAuth authentication modules to create authentications, follow the steps given below:

Using built-in OAuth authentication modules provided by webMethods.io

Using built-in OAuth authentication modules provided by webMethods.io

Step 1. : Execute ‘wmio auth’ command in connector builder, and select . ‘oauth > built-in’. option. You can see the list of services for which webMethods.io provides built-in OAuth authentication modules

Step 2: Select the service for which you want to create OAuth authentication.

This will create an ‘authentication.js’ file in your app directory, in which you can add your authentication logic. The basic OAuth authentication structure is given below:

OAuth authentication structure

module.exports = {
  label : 'Connect to Gmail,    
  mock_input: 
   { 
     access_token: 'token' 
   }, 
  oauth: 'gmail',
  input: {},
  validate : function (input, output)
  {
    // auth data will be available in input.auth
    // var accessToken = input.auth.access_token;
  }
}
Enter fullscreen mode Exit fullscreen mode

Let’s understand more about this structure with the help of an example.

Example

To check the example on using built-in OAuth authentication modules provided by webMethods.io, visit the original post in the Software AG Tech Community.

2. Creating custom OAuth authentication modules

webMethods.io allows you to create custom OAuth authentication modules for any external service. To do this, follow the steps given below:

Step 1: Execute the wmio auth’ command in Connector Builder, and select ‘oauth > create new’ option

Step 2: You can see two options: ‘OAuth 1’ and ‘OAuth 2’. Select the OAuth type for which you want to create an authentication.

Step 3: Provide a name for your custom OAuth authentication module.

Once you have provided these details, a file named ‘ oauth.json ’ will be created in your app directory. You can then populate relevant values for the keys present in this file.

Note: You don’t need to make any modifications to the ‘authentication.js’ file for custom OAuth authentications.

The structure for the ‘ OAuth1 ’ authentication module is given below:

{
 "type": "oauth1",
 "title": "{{title}}",
 "consumerKey": "<CONSUMER KEY>",
 "consumerSecret": "<CONSUMER SECRET>",
 "signatureMethod": "HMAC-SHA1",
 "requestURL": "<REQUEST URL>",
 "authURL": "<AUTH URL>",
 "accessURL": "<ACCESS TOKEN URL>",
 "requiredFields": [], 
 "authQueryParams": { },
 "validate": {
   "url": "ANY API URL TO VALIDATE TOKEN OF THIRD PARTY SERVICE",
   "headers": {
     //<optional>
   },
   "query": {
     //<optional>
     "oauth_token": "{oauth_token}",
     "oauth_token_secret": "{oauth_token_secret}"
   }
 },
 "redirectURL": "{{redirectURL}}"
}
Enter fullscreen mode Exit fullscreen mode

Understand more about this structure with the help of another two examples found the original article in the Software AG Tech Community.

Deploying the custom OAuth

Once you have created a custom OAuth, you need to deploy it on Connector Builder in order to start using it in your triggers and actions.

To deploy your custom OAuth, execute the ‘flow oauth deploy’ command in Connector Builder.

This will add your custom OAuth in the ‘Authorization’ fields of all Github actions and triggers.

{
  "type": "oauth2",
  "title": "github",
  "clientId": "81vqd1s4y***",
  "clientSecret": "cqL4JnnxHpcE**",
  "authURL": "https://github.com/login/oauth/authorization",
  "tokenURL": "https://github.com/login/oauth/access_token",
  "preAuthProcessing": {
    "Authorization": "Basic base64({client_id}{client_secret})"
  },
  "authQueryParams": {
    "client_id": "{client_id}",
    "client_secret": "{client_secret}"
  },
  "preTokenProcessing": {
    "headers": {
      "Authorization": "Basic base64({client_id}{client_secret})"
    }
  },
  "tokenParams": {
    "method": "",
    "headers": {},
    "data": {
      "client_id": "{client_id}",
      "client_secret": "{client_secret}",
      "redirect_uri": "{redirect_uri}",
      "grant_type": "authorization_code"
    }
  },
  "preRefreshProcessing": {
    "Authorization": "Basic base64({client_id}{client_secret})"
  },
  "refreshParams": {
    "data": {
      "client_id": "{client_id}",
      "client_secret": "{client_secret}",
      "redirect_uri": "{redirect_uri}",
      "grant_type": "refresh_token",
      "refresh_token": "{refresh_token}"
    }
  },
  "requiredParams": [
    {
      "id": "domain",
      "title": "Domain",
      "description": "domain"
    }
  ],
  "includeParams": {
    "domain_url": "https://{domain}.example.com",
    "domain": "{domain}"
  },
  "refreshURL": "https://github.com/login/oauth/access_oken",
  "scope": {
    "public_repo": "Read/write access to public repos and organizations.",
    "gist": "Write access to gists."
  },
  "validate": {
    "url": "https://api.github.com/users/octocat/orgs",
    "headers": {
      "Authorization": "Bearer {access_token}"
    },
    "query": {}
  },
  "redirectURL": "https://auth-int.webmethods.io/auth/oauth/github_eb2804f6a2/fla8f8919884231f3a77973d/return"
}
Enter fullscreen mode Exit fullscreen mode

Custom OAuth

To Enable custom authentication in your CLI Connector you need to create OAuth 2 and then add the following keys in your authentication.js file

“is_default”: true

“is_custom”: true

“custom_oauth_schema”:{}

Is_default : Set to false if you want to disable default authorization

is_custom : Set to false if you want to disable Custom authorization

custom_oauth_schema : Type of OAuth being used

Updating the Custom OAuth

In case you want to make any changes in the custom OAuth of any service, you need to update the relevant details in the ‘oauth.json’ file for that custom OAuth and redeploy it using the ‘flow oauth deploy’ command in the Connector Builder.

Read full topic

Image
Overview of Tianjin Ruijie Steel Pipe Co., Ltd

design
Image
Develop a growth mindset for business.
Image
Gold Medalist Astrologer in Gujarat

bestastrologer, topastrologer, astrologer, astrology
Image
Buffer Overflow: Balancing Memory and Security in Software

devchallenge, cschallenge, computerscience, beginners
Image
Your Milestones in 2024: Programming Roadmap

programmingroadmap, roadmap, programming, beginnertoadvanced
Image
How Good Are Large Language Models at Program Synthesis?

llm
Image
A Beautiful and Timely Python Multi-page Streamlit Application | by John Loewen

python, programming, datascience, tutorial
Image
6 Creative ways to finance your Startup

finance
Image
Case Sharing: temporary failure in name resolution
Image
WHAT WORKS KSHITIJ STAR AS A DIGITAL MARKETING AGENCY?

digitalmarketing, webdev, beginners, programming
Image
The power of networking for businessman

networkig
Image
A reference CDK stack
Image
Let's Play with the DEV API

development, api, javascript, beginners
Image
Top productivity Hacks for Busy business owners
Image
Developing Content for Every Stage of the Customer Journey

career, learning, design, architecture
Image
Let’s Talk About The Real Reason For All These Tech Layoffs

layoffs
Image
Saving time and money through task Automation
Image
Xintuo New Energy Co., Ltd.: Leading the Charge in Renewable Solutions

design
Image
🧵 Web Workers and Multithreading in JavaScript

javascript, webdev, programming, learning
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .