cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
441
Views
0
Helpful
0
Comments
cdnadmin
Level 11
Level 11
This document was generated from CDN thread

Created by: Ben Sunderland on 10-08-2012 12:23:50 AM
Hi,
 
Am a little unclear on this part , Step 2 - Get User AUthorization , of the oAuth process , as the guide is not very clear in terms of context (who is doing what and how) and the examples dont seem to go into enough detail.


The guide says: 


"After an API consumer receives a Request Token, the API requires you to authenticate yourself with Quad before continuing. After you are authenticated, you are prompted to authorize the API consumer to access Quad data. To obtain user authorization, you execute the Get User Authorization operation, in which you provide the Request Token as a query parameter and receive a verification code (oauth_verifier) for the Request Token."




This is unclear who 'you' is - given oAUth is 3 legged process (api consumer, end user of app, and app server).
I assume it means the end user in step 3 (which is strange since 'you in step 1 and 2 meant the api consumer ).


I understand the overall steps and exchange of keys / tokens - just I dont get how step three is carried out and what links the end user to the app ? 




I presume the end user(s) is given the URL, xoauth_user_auth_url , resulting from step 2, that when executed, by them,  prompts them to log in (if not already) and then requests his/her authorization of the api consumer to his/her data.


This could be explained better, especially being clear about who (of the three legs) is doing what and when.


Assuming the user of the app gets the link per above and then grants the api consumer access to his WES resources on his behalf, how is the oauth_verifier received (so that step 4 can be completed)? 


I tried two ways -
1) executed the request on a browser  e.g.:- 
http://<quad_server>/quadopen/oauth/user_auth?oauth_token=<token_from_step2>


2) same URL as 1) via the Firefox REST client .


Both ways got the allow / disallow html form , but no oauth_verifier  was received and neither got any 'location' parameter back in respose headers as indicated here: http://developer.cisco.com/webexsocial/webexsocial-api-examples/authentication.html#userAuth


Can someone explain if my assumptions above are valid , and then specifically how to get the oauth_verifier back in the response.


Cheers




Ben

Subject: RE: API : oAuth - Step 2 - Get User Authorization - where is oauth_verifier
Replied by: Ben Sunderland on 10-08-2012 02:02:19 AM
after all that I managed to get something back, but rather than a localtion header per the notes, I get this message:

You have successfully authorized 'Sample App THREE' to have read and write access to your data.

Please enter code 72620142 at the consumer.


Am assuming this code is the verifier. Have not confirmed yet as its clunky geting all the requests formatted correctly using a REST tool like RestClient, before the token expires :S

Subject: RE: API : oAuth - Step 2 - Get User Authorization - where is oauth_verifier
Replied by: Adrienne Moherek on 10-08-2012 10:55:41 AM
Hi Ben,

Have you downloaded this sample gadget to look at the code?
http://developer.cisco.com/web/webexsocial-developer/simple-oauth-sample-app

First, try following the steps to get this gadget working. Once you get it working, then look at the code to see how OAuth is working.

Thanks,
Adrienne

Subject: RE: API : oAuth - Step 2 - Get User Authorization - where is oauth_verifier
Replied by: Amanda Whaley on 26-09-2012 01:25:42 PM
Ben -
 
Are you still having issues with this? or is the issue resolved for you?
 
Amanda Whaley
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links