function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
MikeBorozdinMikeBorozdin 

interactive login example

The Chatter API Guide shows how to get authentication using grant_type = password.

 

I'd like to know how to set up the interactive flow.

The OAuth examples on Force.com look like they are not dealing with Chatter.  I tried posting:

 

client_id

client_secret

grant_type

redirect_uri

 

to 

https://na11.salesforce.com//services/oauth2/token

 

but I get an HTTP err 400 back.

 

The examples I see are posting to a whole different url: login.salesforce.com...

such as this example http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com

 

It looks a little suspicious.  In my mind changing from grant_type: password to something else should still post to the same URL.

 

What si the proper way to get an access token to Chatter REST API?

cloudcodercloudcoder

The Chatter API is REST based, and as such, you can use the OAuth2 flow. LMK what language you are using and I can point you to an appropriate sample.

 

 
MikeBorozdinMikeBorozdin

I am using Java.

 

Thanks!
MikeBorozdinMikeBorozdin

This is just the first step but somehow I consistently get error 400.

 

Java code is actually pretty simple:

 

as I am following: http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com

 

This is the first step:

String query = "";

query += URLEncoder.encode("client_id", "UTF-8") + "=" + URLEncoder.encode(consumerKey, "UTF-8");

query += "&" + URLEncoder.encode("response_type", "UTF-8") + "=" + URLEncoder.encode("code", "UTF-8");

query += "&" + URLEncoder.encode("redirect_uri", "UTF-8") + "=" + URLEncoder.encode(callBackUrl, "UTF-8");

 

URL loginURL = new URL(oauthUrl + "?" + query);

System.out.println(loginURL.toString());

 

connection = (HttpURLConnection) loginURL.openConnection();

connection.setDoOutput(true);

 

int responseCode = connection.getResponseCode();

 

if (responseCode != 200) {

    System.err.println("Got an error after login " + responseCode);

    return "";

}

 
cloudcodercloudcoder

Can you please show me the URL you are using to perform the login request? There is also a full java example of OAuth2 in the REST API guide if that helps.
MikeBorozdinMikeBorozdin

Here is the full string I am sending across:

 

https://login.salesforce.com/services/oauth2/authorize?response_type=token&client_id=3MVG.....hY&redirect_uri=https%3A%2F%2Flocalhost%2Fcallback&display=page

 

the client_id is the consumer key that I have working with the grant_type = password.

 

Sounds like I am missing something really small.  I looked over the URL 20 different times and got the elements from two different sources.  Could my client_id not be eligible for Oauth2 maybe???
cloudcodercloudcoder

For your flow, the grant_type should be 'token'.
MikeBorozdinMikeBorozdin

Okay, sorry about being dense, but it looks like I am getting conflicting instructions now.

 

Are these still valid instructions:

http://wiki.developerforce.com/index.php/Digging_Deeper_into_OAuth_2.0_on_Force.com

 

In my understanding there are only three required parameters:



response_typeMust be set to "token" to request an access token.
client_idYour application's client identifier (consumer key in Remote Access Detail).
redirect_uriThe authorization server will respond with a redirect to this URI. This parameter must match your application's configured callback URL.

 

I am also including display = page, but that's optional.

 

All of those parameters are on the URL string so I get the following query:

"https://login.salesforce.com/services/oauth2/authorize?" + "response_type=token&"  +  "client_id=OejEETOVbx....&" + "redirect_uri=https%3A%2F%2Flocalhost%2Fcallback&" + "display=page"

 

This is my first request which I assume is then followed up with the screen where people authorize and then I make another request.

 

What am I missing? 
cloudcodercloudcoder

you are correct. For the initial request, you dont need to specify grant type, but depending on your flow, you may have to include the client secret. Here is a snippet from the Getting Started with REST API article. Note, this example uses a web server that supports the JSP 3.0 spec (thus the web init params):

 

/**
 * Servlet parameters
 */
@WebServlet(name = "oauth", urlPatterns = { "/oauth/*", "/oauth" }, initParams = {
        // clientId is 'Consumer Key' in the Remote Access UI
        @WebInitParam(name = "clientId", value = "xxxxxxxxxx...xxxxxxxxxx"),
        // clientSecret is 'Consumer Secret' in the Remote Access UI
        @WebInitParam(name = "clientSecret", value = "xxxxxxxxxxxxxxxxxxx"),
        // This must be identical to 'Callback URL' in the Remote Access UI
        @WebInitParam(name = "redirectUri", value = "https://localhost:8443/RestTest/oauth/_callback"),
        @WebInitParam(name = "environment", value = "https://login.salesforce.com"), })
public class OAuthServlet extends HttpServlet {

 lmk if that helps. We will get you up and running.

 

 

 

 
SuperfellSuperfell

What error do you get?
mikebzmikebz

I was getting error 400.  I think I figured it out.  My callback URL was not matching the callback URL in the remote access screen exacly.  It's a bit different then what Twitter does (where you can override the callback URL at runtime) so I think I was getting stuck with that.
Robert JakubovRobert Jakubov

hey @cloudcoder

do you have the same instructions for OAuth2 flow for Python clients?