oauth-grant-type-authorization-code

OAuth – Grant Type Authorization Code

For Authorization Code Grant Type, you have to first get the authorization code and then using this code you can get access token.

Getting Authorization Code

String endPoint = “”http://$GATEWAYURL/api/$VERSION/$APINAME/authorize”; String clientId = “xxxxxxx”; String redirectURI = “https://api.shephertz.com/”; //Your IAM Redirect URI String scope = “xxxxx”; //Scope for maintaining transaction String state = “/1.0/album/?name=xxxx”; //Permission OAuthClientRequest request = OAuthClientRequest .authorizationLocation(endPoint) .setClientId(clientId) .setRedirectURI(redirectURI).setState(scope).setScope(state).setResponseType(ResponseType.CODE.toString()) .buildQueryMessage(); OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient()); OAuthJSONAccessTokenResponse response = oAuthClient.accessToken(request); System.out.println(response);`

Getting Access Token from Code

String clientId = “xxxxxxx”; String clientSecret = “xxxxxx”; String tokenEndPoint = “http://$GATEWAYURL/api/$VERSION/$APINAME/token”; String authCode = “xxxxxxxxx”; String redirectURI = “https://api.shephertz.com/”; //Your IAM Redirect URI OAuthClientRequest request = OAuthClientRequest .tokenLocation(tokenEndPoint) .setClientId(clientId).setClientSecret(clientSecret).setCode(authCode).setGrantType(GrantType.AUTHORIZATION_CODE) .setRedirectURI(redirectURI) .buildQueryMessage(); System.out.println(request.getLocationUri()); OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient()); OAuthJSONAccessTokenResponse response = oAuthClient.accessToken(request); System.out.println(response.getBody());

Once you have access token, you can make a call to your API by passing access_token parameter either in header or in query param. App42 API gateway will do rest of the thing for your API. If you are writing your own API through Java, you will get AccessToken object available in HttpRequestObject reference. This will have all the information of access token including its value, expiry, permission state etc.