+ Start a Discussion
Jordan MilesJordan Miles 

Connecting to salesforce with an admin app

We are writing an interface servlet which has data passed to it, parses the data and creates the JSON, then sends the JSON to Salesforce. I'm having an issue authenticating. My authorization is as follows:

 

public String getAuth() throws HttpException, IOException, JSONException {
    	//post.addParameter("code",code);
    	HttpClient httpClient = new HttpClient();
    	ServletConfig context = getServletConfig();
    	post = new PostMethod(context.getInitParameter("environment"));
    	
    	System.out.println("environment: " + context.getInitParameter("environment"));
    	System.out.println("clientId: " + context.getInitParameter("clientId"));
    	System.out.println("clientSecret: " + context.getInitParameter("clientSecret"));
    	System.out.println("redirectUri: " + context.getInitParameter("redirectUri"));

    	
        post.addParameter("grant_type","authorization_code");
        post.addParameter("client_id",context.getInitParameter("clientId"));    	
    	post.addParameter("client_secret",context.getInitParameter("clientSecret"));
    	post.addParameter("redirect_uri",context.getInitParameter("redirectUri"));
    	   
    	httpClient = new HttpClient();
    	httpClient.executeMethod(post);
   
    	String responseBody = post.getResponseBodyAsString();
    	
    	System.out.println("response body: " + responseBody);
    	   
    	JSONObject json = null;
    	json = new JSONObject(responseBody);
    	String accessToken = json.getString("access_token");
        //String issuedAt = json.getString("issued_at");
              
       /*HttpServletResponse httpResponse = (HttpServletResponse)response;
       Cookie session = new Cookie("ACCESS_TOKEN", accessToken);
       session.setMaxAge(-1); //cookie not persistent, destroyed on browser exit
       httpResponse.addCookie(session);*/
        
       return accessToken;
    }

I recieve this error back:

{"error":"invalid_grant","error_description":"invalid authorization code"}
I currently have "code" commented out, because I'm not exactly clear on the flow of things. The documentation says you get the authorization code from the redirect_url, but I'm not redirecting to anything, just connecting with this Java servlet. Is there a better way of doing this? Or am I even doing it correctly to start with? Any help would be appreciated.
Best Answer chosen by Jordan Miles
pconpcon
Will this app always connect as a specific user or do you want it to access the Salesforce on behalf of another user?  If it's always one user, then it's just easier to use a user/password authentication instead of using the oAuth flow.  If you still want to use the oAuth flow, you are missing the actual code as part of your flow.  If you take a look at this article [1] you'll see that the call that has your grant_type set occurs after the call back and includes the code url paramter that is passed in.

[1] https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com

All Answers

pconpcon
Will this app always connect as a specific user or do you want it to access the Salesforce on behalf of another user?  If it's always one user, then it's just easier to use a user/password authentication instead of using the oAuth flow.  If you still want to use the oAuth flow, you are missing the actual code as part of your flow.  If you take a look at this article [1] you'll see that the call that has your grant_type set occurs after the call back and includes the code url paramter that is passed in.

[1] https://developer.salesforce.com/page/Digging_Deeper_into_OAuth_2.0_on_Force.com
This was selected as the best answer
Jordan MilesJordan Miles
Username/password is what I ended up doing. After going over the documentation a couple more times, it became clearer. Thanks for the answer!