0
535
Question Soufiane Amroun · Dec 26, 2017

API resources acces

#Caché #Security

Hi community ,

i worked this last time on the access token generate method , now it's ok, i want  use the received access token to have access for asking the resources server.

i found the [%SYS.OAuth2.AccessToken] class which describes how add access token in the http request header , but i don't know how use it in my project.

Do me take only this class or the full package %SYS.OAuth2.

Thank you for helping .

Discussion (1)0
Log in or sign up to continue

Comments

Daniel Kutac · Dec 27, 2017

Soufiane,

supposing you have successfully been able to add the token to your client (this depends on ate respective framework) call for Cache resources (via REST API), then on Cache side, if that's where your data (resources) are sitting, you can use something like this:

set accessToken=##class(%SYS.OAuth2.AccessToken).GetAccessTokenFromRequest(.tSC)  
   // decode token data into JSON object
   $$$THROWONERROR(tSC,##class(%SYS.OAuth2.AccessToken).GetIntrospection($$$APP,accessToken,.jsonObjectAT))
   /* service specific check */
   // check whether the request is asking for proper scope for this service
   if '(jsonObjectAT.scope["special-deals") set reason=..#HTTP404NOTFOUND throw
      
   /* finally */
   // validate signed access token (JWT)
   if '(##class(%SYS.OAuth2.Validation).ValidateJWT($$$APP,accessToken,,,.jsonObjectJWT,.securityParameters,.tSC)) {
    set reason=..#HTTP401UNAUTHORIZED
    $$$ThrowOnError(tSC)
   }
 
perhaps you shall try to look at this post - https://community.intersystems.com/post/angular-client-demo-using-oauth2-authorization-server-protect-caché-based-resources, it also contains a link to the angular based project and contains implementation of sample Cache REST service.
 
Dan
0