To get Apiv2 authorization code without login page
Hi
I got Apiv2 authorization code to use in my client application by using the below request
https://community.xxxxxxxxxx.co.uk/auth/oauth2/authorize?client_id=xxxxxxxxxxx&response_type=code&redirect_uri=http://community.xxxx.co.uk/
but it always take me to login page first. How to avoid this to receive code. can we pass username and password through the request?
Ideally I need to get the code from the above request, without login page redirect.
Thanks.
Hi Nav
I think you should use Session Key Authentication
Please See the doc :
https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth
Using this you can authorise the user by making this below call.
curl -XPOST 'https://yourcommunity.com/restapi/vc/authentication/sessions/login?user.login=<login>&user.password=<password>'
If you follow OAuth 2.0 implementation, authorise will be done on Lithium End only.
If the user successfully logged in then it will redirect to the mention redirection Url along with auth code.Which can be used for further Api Call.
Hi HiteshKumar,
Thanks. You are right. The same I have implemented as below
$username = 'xxxx'; $password = 'xxxxx'; //Get session key from lithium $login_fields = array( 'user.login' => $username, 'user.password' => $password, 'xslt' => 'json.xsl', ); $response = drupal_http_request('http://community.xxxx.co.uk/restapi/vc/authentication/sessions/login', array( 'data' => drupal_http_build_query($login_fields), 'method' => 'POST', 'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'), )
and passed restapi.session_key id along with actual request.
I received what I wanted now. :)
Thanks.