Requesting oauth token via Oracle
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2015 02:08 PM
Hi
I am trying to request Oauth token from Oracle SQL, Making an REST API call to authenticate and login into Dev instance and get the success response and should be able to retrieve the access token.
when I do that from Oracle I am getting an error message:
SQL> /
{"error":"server_error","error_description":"access_denied"} when it trace it down it displays error code as 401 from Service now and I wanted to find out is there any parameter I need to set to authenticate external connection.
Thanks
Allwyn
- Labels:
-
Personal Developer Instance
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2015 02:43 PM
Hi Allwyn,
You need to preemptively authenticate by sending a BasicAuth header with the credentials for a user with access to the data you are requesting:
https://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/conversion_add_header.html
https://wiki.servicenow.com/index.php?title=Getting_Started_with_REST#Before_You_Begin
http://www.w3.org/Protocols/HTTP/1.0/draft-ietf-http-spec.html#BasicAA
Your request against the API needs to be identifiable as coming from a user, it needs to be able to authenticate as that user, and that user must have the correct roles for accessing the data *and* using the REST API itself.
Finally, the response should come back with a cookie. If you'll be making multiple requests, store the cookie and send it back with later requests, so you don't generate multiple sessions for that user.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2015 03:15 PM
Thanks Cory, I am making an Web service request from Oracle to authenticate into servicenow developer instance using and I am binding all the userid /passwd and client_id and client secret as well, I have imported certificate from servicenow and stored it, not sure what are other steps need to be performed on the servicenow to accept and pass access_token back as a json output.
apex_web_service.make_rest_request ( p_url => 'https://dev13384.service-now.com/oauth_token.do?grant_type=password&client_id=ee6f9fd3b282020026234d...' , p_http_method => 'POST' , p_body => ' '
, p_wallet_path => 'file:c:\Oracle1\Middleware\Oracle_Home\wallet'
, p_wallet_pwd => 'xxxxx' );
Thanks
Allwyn
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2015 03:37 PM
Hi Allwyn,
Looking at the API, those should be the only parameters you need.
What happens when you use the same request, but with curl?
curl -d "grant_type=password&client_id=ee6f9fd3b282020026234d61ed998aaf&client_secret=password22&username=RESTUser&password=RESTUserPassword" https://dev13384.service-now.com/oauth_token.do
Do you get back the JSON payload you expect?
Try making the request from Oracle, then checking the Node Log Browser on the instance for log entries around the time you did the test. You should see something like:
| 15:33:46.100 | Info | http-5 | SYSTEM | New transaction 3DB7272D0F9E0200F86E3E4CE1050EEB #79688 /oauth_token.do |
| 15:33:46.108 | Info | Default-thread-3 | 3DB7272D0F9E0200F86E3E4CE1050EEB | #79688 /oauth_token.do Parameters ------------------------- username=RESTUser client_secret=******** grant_type=password client_id=ee6f9...98aaf (length=32) password=******** |
| 15:33:46.111 | Warning | Default-thread-3 | 3DB7272D0F9E0200F86E3E4CE1050EEB | WARNING *** WARNING *** OAuthTokenProcessor caught a InvalidCredentialProvidedException with message invalid_scope: The provided OAuth token is not valid |
| 15:33:46.111 | Info | Default-thread-3 | 3DB7272D0F9E0200F86E3E4CE1050EEB | #79688 /oauth_token.do -- total transaction time: 0:00:00.011, total wait time: 0:00:00.000, session wait: 0:00:00.000, semaphore wait: 0:00:00.000, source: 50.59.164.97 |
That is from your dev instance, which I just posted an invalid oauth request against. Your Oracle requests should be generating log entries that are similar, and should provide the details of the error the instance is running into when trying to process it.
If no logs show up, then your request isn't making it out to the instance to be processed, and you will need to check whatever outbound restrictions exist between your machine and the instance which may be blocking the request.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-04-2015 03:52 PM
Thanks Cory. Using Curl no problem every time I get the response back, since Monday I am trying to resolve this issue
I will check to see if nodelog browser. because as soon as I put this request in I get access denied error message it does not throw any oracle error messages,
Thanks
Allwyn
C:\Users\allwyn.henry>curl -v https://dev13384.service-now.com/oauth_token.do -d
"grant_type=password" -d "client_id=ee6f9fd3b282020026234d61ed998aaf" -d "clien
t_secret=V)[G0Rh5S<" -d "username=admin" -d "password=xxxxxx" -k
* About to connect() to dev13384.service-now.com port 443 (#0)
* Trying 103.23.67.118... connected
* Connected to dev13384.service-now.com (103.23.67.118) port 443 (#0)
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES128-SHA
* Server certificate:
* subject: C=US; ST=California; L=San Diego; O=ServiceNow; CN=*.service-n
ow.com
* start date: 2014-09-25 17:55:13 GMT
* expire date: 2015-12-30 19:25:57 GMT
* subjectAltName: dev13384.service-now.com matched
* issuer: C=US; O=Entrust, Inc.; OU=www.entrust.net/rpa is incorporated b
y reference; OU=(c) 2009 Entrust, Inc.; CN=Entrust Certification Authority - L1C
* SSL certificate verify result: unable to get local issuer certificate (
20), continuing anyway.
> POST /oauth_token.do HTTP/1.1
> User-Agent: curl/7.21.7 (amd64-pc-win32) libcurl/7.21.7 OpenSSL/0.9.8r zlib/1.
2.5
> Host: dev13384.service-now.com
> Accept: */*
> Content-Length: 122
> Content-Type: application/x-www-form-urlencoded
>
< HTTP/1.1 200 OK
< Set-Cookie: JSESSIONID=73E66D7FC6AC6BDA959A959345AF131C;Secure; Path=/; HttpOn
ly
< Set-Cookie: glide_user_route=glide.17ad6f2846ef06eccf85d0f1dc3175c1;secure; Ex
pires=Thu, 23-Sep-2083 01:56:45 GMT; Path=/; HttpOnly
< Content-Type: application/json;charset=utf-8
< Content-Length: 272
< Date: Fri, 04 Sep 2015 22:42:38 GMT
< Server: ServiceNow
< Set-Cookie: BIGipServerpool_dev13384=1199605258.51262.0000; path=/
<
{"scope":"useraccount","token_type":"Bearer","expires_in":1799,"refresh_token":"
akqhziJyFWref4CKBoMa8daULO8sugJ5N4BsomXfd9cfR-wux9-8ynkrNsWbl2w1UoO5z-PZ-gviDrKH
HFZT9w","access_token":"YCGpdMIw2mrviVNYZvrGqdzyylhDQAHoAOHG89DZ1Eai_ef4fGXUHCbS
lqI2oQcq-1jOsZnIRSHyvmGq-H6sTg"}* Connection #0 to host dev13384.service-now.com
left intact
* Closing connection #0
