The CreatorCon Call for Content is officially open! Get started here.

How to get Auth Token using script when grant type is Authorization code

Rizwan Shaikh
Mega Guru

‎11-19-2019 02:56 AM

Hi All,

I have set up a REST Message outbound using OAuth 2.0. 

Accordingly i have set up OAuth Profile

I am able to get the token access token using 'Get OAuth Token' link in REST Outbound. I want to implement this in script. I have been trying the following code. 

var tokenRequest = new sn_auth.GlideOAuthClientRequest();
tokenRequest.setGrantType("authorization_code");

var oAuthClient = new sn_auth.GlideOAuthClient();
var tokenResponse = oAuthClient.requestTokenByRequest("Google Entity profiles", tokenRequest);
gs.info("Error:" + tokenResponse.getErrorMessage());

var token = tokenResponse.getToken(); 
gs.info("AccessToken:" + token.getAccessToken());
gs.info("AccessTokenExpiresIn:" + token.getExpiresIn());
gs.info("RefreshToken:" + token.getRefreshToken());

However it is not working. I am getting the following response

failed to find the oauth entity.
*** Script: Error:failed to find the oauth entity.
*** Script: AccessToken:null
*** Script: AccessTokenExpiresIn:0
*** Script: RefreshToken:null

Please can someone suggest the correct syntax to get Authorization code for grant type as authorization code. I can only find the syntax for grant type password nut not for authorization code.

find_real_file.png

Note: Grant type is not password.

Help is much appreciated. Thanks!

Labels:
Preview file
13 KB
  • 9,627 Views
32 REPLIES 32

Rasmita
Tera Contributor
In response to Rizwan Shaikh

‎01-22-2020 02:11 AM

Hi Rizwan,

 

I have been trying to generate access token for google suite integration. And I am facing same issue . I am unable to get the authorization code. I see you have mentioned that

"I did generated a authorization code from api(created a new REST (GET)) and used the below code to get the token

I want to how to get the authorization code?

 

Once I get the auth code , then using your code I hope will be able to get the token

 

 

 

0 Helpfuls

Rizwan Shaikh
Mega Guru
In response to Rasmita

‎01-22-2020 06:18 AM

Hi Rasmita

Just confirming were you able to configure the REST Message and fetch Token using the 'Get OAuth Token Link'? 

 

I have changed my logic a bit

This i how i have setup my process.

I created a scripted REST Web service that will work as a redirect for oAuth.

 

Hit the link in then browser that will generate the Authorization code and must set the redirect url same as of the created scripted rest web service method.

 

If the validation on the third party side is successfull (in my case it was users consent), It will automatically redirect you to the redirect url along with the auth code. 

 

Then in the script you can get the code like this

var code = request.queryParams.code

 

Once you have the auth code you can use the script as mentioned in the above post to get Token after making necessary changes as per your setup.

0 Helpfuls

Rasmita
Tera Contributor
In response to Rizwan Shaikh

‎01-22-2020 07:00 AM

Hi Rizwan,

Yes, I am able to configure the REST Message and fetch the Token using the 'Get OAuth Token Link.

PFA screenshot.

Could you please share the scripted web service URL and the code snippet you have developed to generate the authorization code?

I am bit confused the implementation of the scripted service.

Thank you again.

 

 

Preview file
35 KB
Preview file
41 KB
0 Helpfuls

Rizwan Shaikh
Mega Guru
In response to Rasmita

‎01-22-2020 07:33 AM

Hi Rasmita.

 

I would suggest to check the Gsuite documentation for getting the auth code.

 

Usually it is a simple url with certain parameters which responds with the auth code.

 

Example from my case.

https://accounts.google.com/o/oauth2/v2/auth?client_id=your_client_id&redirect_uri=instancename/api/houch/google/oauth_redirect&prompt=consent&scope=https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/calendar.events&response_type=code&access_type=offline

 

Note - redirect_uri - You need to change that to scripted rest web service one.

When the url is hit in the browser. It takes the users consent and redirects to the redirect url along with auth code.

 

Once redirected you can retrieve the auth code as mentioned in the following screenshot.

Scripted rest web service

 

find_real_file.png

Preview file
55 KB

Rasmita
Tera Contributor
In response to Rizwan Shaikh

‎01-29-2020 07:03 AM

Hi Rizwan, 

Did you get chance to look into my query below? Need to know if it is possible to consume the URL to get the auth code dynamically.

 

I created a scripted rest api as below with empty result.

https://instancename/api/tieoy/google/oauth_redirect

I am able to get the auth code using the above scripted service uri as redirect url.

Below is the example URL that gives me the authorization code.


https://accounts.google.com/o/oauth2/v2/auth?client_id=client_id&redirect_uri=https://instancename.service-now.com/api/tieoy/google/oauth_redirect&scope=https://www.googleapis.com/auth/admin.directory.device.mobile.readonly&response_type=code&access_type=offline


And now using the generated code in URL, I am able to get the token in background script.

However, now I want to understand how to consume the above URL in service now instance and generate the code. Because, when I tried to consume the URL in REST message , the response does not return code. 

Please let me know how to achieve this.

0 Helpfuls