Forum Discussion

Nav's avatar
Nav
Ace
7 years ago

To get Apiv2 authorization code without login page

Hi

I got Apiv2 authorization code to use in my client application by using the below request

 

https://community.xxxxxxxxxx.co.uk/auth/oauth2/authorize?client_id=xxxxxxxxxxx&response_type=code&redirect_uri=http://community.xxxx.co.uk/

but it always take me to login page first. How to avoid this to receive code. can we pass username and password through the request?

Ideally I need to get the code from the above request, without login page redirect.

Thanks.

  • Hi Nav

     

    I think you should use Session Key Authentication

     

    Please See the doc :

    https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth

     

     

    Using this you can authorise the user by making this below call.

     

    curl -XPOST 'https://yourcommunity.com/restapi/vc/authentication/sessions/login?user.login=<login>&user.password=<password>'

     

    If you follow OAuth 2.0 implementation, authorise will be done on Lithium End only.

    If the user successfully logged in then it will redirect to the mention redirection Url along with auth code.Which can be used for further Api Call.

     

  • Nav's avatar
    Nav
    7 years ago

    Hi HiteshKumar,

    Thanks. You are right. The same I have implemented as below

    	$username = 'xxxx';
    	$password = 'xxxxx';
    	//Get session key from lithium
    	$login_fields = array(
    		'user.login' => $username,
    		'user.password' => $password,
    		'xslt' => 'json.xsl',
    		);
    	$response = drupal_http_request('http://community.xxxx.co.uk/restapi/vc/authentication/sessions/login', array(
    		'data' =>  drupal_http_build_query($login_fields),
    		'method' => 'POST',
    		'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'),
    	)

    and passed restapi.session_key id along with actual request.

    I received what I wanted now. :) 

    Thanks.

    • Nav's avatar
      Nav
      Ace

      Hi VikasB,

      Yes, I am looking at this link but couldnot find the answer I am looking for.

       

      Thanks.

  • Hi Nav

     

    I think you should use Session Key Authentication

     

    Please See the doc :

    https://community.lithium.com/t5/Developer-Documentation/bd-p/dev-doc-portal?section=sessionauth

     

     

    Using this you can authorise the user by making this below call.

     

    curl -XPOST 'https://yourcommunity.com/restapi/vc/authentication/sessions/login?user.login=<login>&user.password=<password>'

     

    If you follow OAuth 2.0 implementation, authorise will be done on Lithium End only.

    If the user successfully logged in then it will redirect to the mention redirection Url along with auth code.Which can be used for further Api Call.

     

    • Nav's avatar
      Nav
      Ace

      Hi HiteshKumar,

      Thanks. You are right. The same I have implemented as below

      	$username = 'xxxx';
      	$password = 'xxxxx';
      	//Get session key from lithium
      	$login_fields = array(
      		'user.login' => $username,
      		'user.password' => $password,
      		'xslt' => 'json.xsl',
      		);
      	$response = drupal_http_request('http://community.xxxx.co.uk/restapi/vc/authentication/sessions/login', array(
      		'data' =>  drupal_http_build_query($login_fields),
      		'method' => 'POST',
      		'headers' => array('Content-Type' => 'application/x-www-form-urlencoded'),
      	)

      and passed restapi.session_key id along with actual request.

      I received what I wanted now. :) 

      Thanks.