B4J Question ABMaterial Oath

codie01

Active Member
Licensed User
Longtime User
Hi guys,

This is what I need to achieve.

I need to Authorize my ABMaterial app to access a square account.
I can send a request and I get back the Oauth page from square as an html document.
When authorization is complete I need to store the tokens.

Here is a link to the Oauth proccess: https://docs.connect.squareup.com/basics/oauth/overview

How do I open a new browser tab to view the html document returned by this call and then pass back to ABM when completed.

Please not it works like google oauth

Thanks Phil
 

keirS

Well-Known Member
Licensed User
Longtime User
Hi guys,

This is what I need to achieve.

I need to Authorize my ABMaterial app to access a square account.
I can send a request and I get back the Oauth page from square as an html document.
When authorization is complete I need to store the tokens.

Here is a link to the Oauth proccess: https://docs.connect.squareup.com/basics/oauth/overview

How do I open a new browser tab to view the html document returned by this call and then pass back to ABM when completed.

Please not it works like google oauth

Thanks Phil

Not familiar with ABMaterial but I know OAuth2 very well. You should not be opening a browser window to receive back information from Square. The redirect URI should redirect to your server not to the client. One way of maintaining session state (matching requests to generated tokens) is to use the sate parameter for the /oauth2/authorize endpoint this is returned as a parameter of your redirection URI.
 
Upvote 0

keirS

Well-Known Member
Licensed User
Longtime User
Something like this for B4JServer.

Main
B4X:
Sub Process_Globals
    Private SrvrOAuth As Server
    Dim ClientSecret As String = "MyClientSecret"
    Dim ApplicationID As String = "MyClientApplicationID"
    Dim RedirectURI As String = "http://MyRedirectURI.Com/OAuthToken"
End Sub
Sub AppStart (Args() As String)
    SrvrOAuth.Initialize("SrvrOAuth")
    SrvrOAuth.Port = 7894
    SrvrOAuth.StaticFilesFolder = File.Combine(File.DirApp, "www")
    SrvrOAuth.AddHandler("/OAuthToken", "", False)
    SrvrOAuth.Start
   StartMessageLoop
End Sub

OAuthToken handler
B4X:
Sub Class_Globals
   
End Sub
Public Sub Initialize
   
End Sub
Sub Handle(req As ServletRequest, resp As ServletResponse)
 Dim FetchOAuthToken As HttpJob
 Dim AuthCode As String
 Dim AuthState As String
 Dim TokenMap As Map
 Dim AuthToken As String
 If req.GetParameter("error_code").Length > 0 Then
    'something went wrong wit the authorization so handle an error
 Else
    'Need to fetch the Auth Toke from the Auth Code
    AuthCode = req.GetParameter("code")
    AuthState = req.GetParameter("state")
        Wait for (GetToken(AuthCode)) Complete (TokenMap As Map)
        If TokenMap <> Null Then
            AuthToken = TokenMap.Get("access_token")
           'Got the token now update web page
        Else
            'Handle Error
       
        End If
End If
End Sub
Sub GetToken(AuthCode As String) As ResumableSub 
    Dim  JParser As JSONParser
    Dim RequestBuilder As StringBuilder
    Dim RequestToken As HttpJob
   
    'Buld request to swap code for token
    RequestBuilder.Initialize()
    RequestBuilder.Append("client_secret=").Append(Main.ClientSecret) _
    .Append("&") _
    .Append("client_id=").Append(Main.ApplicationID) _
    .Append("&") _
    .Append("grant_type=").Append("authorization_code") _
    .Append("&") _
    .Append("redirect_uri=").Append(Main.RedirectURI) _
    .Append("&") _
    .Append("code=") _ 
    .Append(AuthCode)
   
    RequestToken.Initialize("",Me)
    RequestToken.PostString("https://somewebsite.com/oauth/token",RequestBuilder.ToString)
   
    Wait For (RequestToken) JobDone(RequestToken As HttpJob)
    If RequestToken.Success Then
        Log(RequestToken.GetString)
        JParser.Initialize(RequestToken.GetString)
        RequestToken.Release
        Return JParser.NextObject
       
    Else
        RequestToken.Release
        Log("Failed")
        Return Null
    End If
   
 
End Sub

The above isn't necessarily working code but it should give you enough pointers to do your own version.
 
Upvote 0
Top