Eclipse Community Forums: Lyo » Polarion oslc consumer oauth

Help

Home

Home » Eclipse Projects » Lyo » Polarion oslc consumer oauth

Show: Today's Messages :: Show Polls :: Message Navigator

Polarion oslc consumer oauth [message #1808310]

Fri, 21 June 2019 10:24

Michael C

Messages: 53
Registered: April 2019

Member

Hello, I' am not able to connect to Polarion ALM whith Lyo client.

Here is the code I used :

			String webContextUrl = "http://server/polarion/oslc";
			JazzRootServicesHelper helper = new JazzRootServicesHelper(webContextUrl, OSLCConstants.OSLC_RM_V2);
			OslcOAuthClient client = helper.initOAuthClient("OAuth Consumer Key", "aa");
			String res = client.lookupServiceProviderUrl(helper.getCatalogUrl(), "nameOfProject");

I got the consumer key by sending a post to :

http://serveur/polarion/oslc/services/oauth/requestKey.

The lyo api is always telling : Enter this URL in a browser and run again:

http://server/polarion/oslc/services/oauth/authorize?oauth_token=thegeneratedauthtoken.

So I'll go accept the key with a browser.
But when I run again it generates a different OAuth Consumer Key & authToken.

Also what about /polarion/oslc/services/oauth/approveKey
It seems the api can generate an oauthToken even if I did not approve the generate Key.

I guess I'm missing one step but I can't figure out what.
I tried to always use the same OAuth Consumer Key (one generated from the linked friends administration panel) but I got the same results.

[Updated on: Fri, 21 June 2019 10:43]

Report message to a moderator

Re: Polarion oslc consumer oauth [message #1808341 is a reply to message #1808310]

Fri, 21 June 2019 16:55

Eclipse User

Hello Michael,

Are you sure that the subsequent request is processed by the exact same OslcOAuthClient instance? It keeps state and if you re-initialise it, the auth won't work: https://github.com/eclipse/lyo.client/blob/2.4.0/oslc-java-client/src/main/java/org/eclipse/lyo/client/oslc/OslcOAuthClient.java#L187

Also, what versions of Lyo libraries are used?

Report message to a moderator

Re: Polarion oslc consumer oauth [message #1808413 is a reply to message #1808341]

Mon, 24 June 2019 08:44

Michael C

Messages: 53
Registered: April 2019

Member

Hello,

I'm using Lyo 4.0.0. I also tried with 2.4.0. What version should I use ?
I noticed that I need to post to j_security_check so I tried to adapt the example. Here is the last code I used.

public class Main {
	private static final Logger logger = Logger.getLogger(Main.class.getName());

	public static void main(String[] args) throws RootServicesException, IOException, OAuthException, URISyntaxException, ResourceNotFoundException, InterruptedException, InvalidCredentialsException  {
		String webContextUrl = "http://serveur/polarion/oslc";
		String securityUrl = "http://serveur/polarion/j_security_check";
		String user = "admin";
		String password = "psw";
		String projectArea = "playground";
	
		JazzRootServicesHelper helper = new JazzRootServicesHelper(webContextUrl, OSLCConstants.OSLC_RM_V2);
		
		HttpClient client = HttpClient.newHttpClient();
		HttpRequest request = HttpRequest.newBuilder()
			      .uri(URI.create(helper.getRequestConsumerKeyUrl()))
			      .timeout(Duration.ofMinutes(1))
			      .header("Content-Type", "application/json")
			      .POST(BodyPublishers.ofFile(Paths.get("D:\\Softwares\\eclipse 2019-03\\workspaceLyoClient\\lyo.client\\oslc-java-client\\src\\main\\java\\org\\eclipse\\lyo\\client\\test\\id.json")))
			      .build();
		
		HttpResponse<String> responseKey = client.send(request, BodyHandlers.ofString());
		if(responseKey.statusCode() == 200) {
			JsonParser parser = new JsonParser();
			JsonObject obj = parser.parse(responseKey.body()).getAsJsonObject();
			String key = obj.get("key").getAsString();
			System.out.println(key);
			
			OslcOAuthClient clientOslc = helper.initOAuthClient(key, "somesecret");

			try {
				String res = clientOslc.lookupServiceProviderUrl(helper.getCatalogUrl(), projectArea);	
			}
			catch (OAuthRedirectException oauthE) {
				HttpPost formPost = new HttpPost(securityUrl);
				List<NameValuePair> nvps = new ArrayList<NameValuePair>();
				nvps.add(new BasicNameValuePair("j_username", user));
				nvps.add(new BasicNameValuePair("j_password", password));
				formPost.setEntity(new UrlEncodedFormEntity(nvps, HTTP.UTF_8));

				org.apache.http.HttpResponse formResponse = clientOslc.getHttpClient().execute(formPost);
				Header location = formResponse.getFirstHeader("Location");
				
				System.out.println("Status : " + formResponse.getStatusLine().getStatusCode());//print 302
				System.out.println("location : " + location);	//print http://serveur/polarion
				HttpEntity entity = formResponse.getEntity();
				String responseString = EntityUtils.toString(entity, "UTF-8");
				System.out.println("Body : " + responseString);	//print blank
				EntityUtils.consume(formResponse.getEntity());
				
				//Third GET
				HttpGet request4 = new HttpGet(location.getValue());
				HttpClientParams.setRedirecting(request4.getParams(), false);
				org.apache.http.HttpResponse responseThird = clientOslc.getHttpClient().execute(request4);

				System.out.println("Status : " + responseThird.getStatusLine().getStatusCode()); //print 302
				System.out.println("location : " + location); //print http://serveur/polarion
			    entity = responseThird.getEntity();
				responseString = EntityUtils.toString(entity, "UTF-8");
				System.out.println("Body : " + responseString); //print blank
				EntityUtils.consume(responseThird.getEntity());
				
				//Since location is http://serveur/polarion this does not work
			/*	Map<String,String> oAuthMap = getQueryMap(location.getValue());
				System.out.println(oAuthMap.toString());
				String oauthToken = oAuthMap.get("oauth_token");
				String oauthverifier = oAuthMap.get("oauth_verifier");*/
				
				// The server requires an authentication: Create the login form
				HttpPost formPost2 = new HttpPost(oauthE.getRedirectURL() + "?oauth_token=" + oauthE.getAccessor().requestToken);
				formPost2.getParams().setParameter("oauth_token", oauthE.getAccessor().requestToken);
				formPost2.getParams().setParameter("oauth_verifier", "");
				formPost2.getParams().setParameter("authorize", "true");
				formPost2.addHeader("Content-Type","application/x-www-form-urlencoded;charset=UTF-8");

				formResponse = clientOslc.getHttpClient().execute(formPost2);
				
				System.out.println("Status : " + formResponse.getStatusLine().getStatusCode());
				System.out.println("location : " + location);
				entity = formResponse.getEntity();
				responseString = EntityUtils.toString(entity, "UTF-8");
				System.out.println("Body : " + formResponse);
				EntityUtils.consume(formResponse.getEntity());

				Header header = formResponse.getFirstHeader("Content-Length");
				if ((header!=null) && (!("0".equals(header.getValue())))) {
					// The login failed
					throw new InvalidCredentialsException("Authentication failed");
				} else {
					// The login succeed
					// Step (3): Request again the protected resource
					EntityUtils.consume(formResponse.getEntity());
					String res = clientOslc.lookupServiceProviderUrl(helper.getCatalogUrl(), projectArea);	
					System.out.println(res);
				}
			}
		}
	}

The login failed. Also if I put the 2st clientOslc.lookupServiceProviderUrl outside the if, it will still generate another token.
edit: I can log in to this URL with Postman.

[Updated on: Mon, 24 June 2019 09:06]

Report message to a moderator