Hi @johnsonjoseph ,
Use a Custom Authentication operation to handle the OAuth 2.0 implicit grant redirect and extract the token yourself, then apply it to all subsequent calls.
1. Change Authentication to Custom
- In your Web Services/SCIM2 connector configuration, set Authentication Type to Custom Authentication instead of “OAuth 2.0.”
2. Define the Token Operation
-
Operation Name: generateToken
-
Method: GET
-
URL:
https://oauth.testw2-np.77eh.p3.openshiftapps.com/oauth/authorize?client_id=openshift-challenging-client&response_type=token -
Headers:
Authorization: Basic <BASE64(USER:PASSWORD)>
Content-Type: application/x-www-form-urlencoded
3. Before Operation Rule to Extract Token
Attach this Java rule on the generateToken operation to catch the 302 and parse the token:
I’m pasting a sample token generation code. you can use if yo have any already
import java.util.Map;
import java.util.HashMap;
import java.util.regex.Pattern;
import java.util.regex.Matcher;
if (requestEndPoint.getResponseCode() == 302) {
String location = requestEndPoint.getResponseHeaders().get("Location");
if (location != null) {
Pattern p = Pattern.compile("#access_token=([^&]+)");
Matcher m = p.matcher(location);
if (m.find()) {
String token = m.group(1);
// Set Authorization header for subsequent calls
Map<String,String> hdrs = new HashMap<>();
hdrs.put("Authorization", "Bearer " + token);
requestEndPoint.setHeader(hdrs);
}
}
}
4. Use Extracted Token in All Operations
For every API call (Test Connection, Aggregation, Provisioning):
- Under HTTP Headers, add
Authorization: Bearer $application.access_token$
5. Verify with CURL
curl -u USER:PASSWORD -k\
‘https://oauth.testw2-np.77eh.p3.openshiftapps.com/oauth/authorize?client_id=openshift-challenging-client&response_type=token’