Smartsheet Oauth2.0 GlideOAuthStringMap

Vinayak Belgaon
Mega Guru
Mega Guru

‎02-17-2020 05:38 AM

Hello,

 

I am tying to integrate the Smartsheet application with servicenow using Oauth2.0 token. The issue i am facing is the the keyword in authorization code that the smartsheet is sending is not of access_token  but of code example: https://<myinst>.com/oauth_redirect.do?code=dlhmqzuefidheafy&expires_in=599928&state=483270143

 

as per the "Live Coding Happy Hour" on youtube https://www.youtube.com/watch?v=6KPhLYIDchU i created a custom Script include to fetch the accesstoken response, but i am not able to the the parameters as per the video. The only function that is being called is the "preprocessAuthCode" but the arguments passed to is empty and the log shows as [object GlideOAuthStringMap], not able to find the documentation to it. Could anyone help with me parsing the parameters

 


below is the Script include i have written

var OAuthJSSmartSheet = Class.create();
OAuthJSSmartSheet.prototype = {
    initialize: function() {
        gs.info("testing init");
    },

    interceptRequestParameters: function(requestParamMap) {
        // Add/Modify request parameters if needed
		gs.info("testing interceptRequestParameters="+requestParamMap.toString());
        this.preprocessAccessToken(requestParamMap);
    },

    parseTokenResponse: function(accessTokenResponse) {
        gs.info("testing parseTokenResponse="+accessTokenResponse.toString());
        try {
            this.postprocessAccessToken(accessTokenResponse);
        } catch (e) {
            gs.info(e);
        }
    },

    preprocessAuthCode: function(requestParamMap) {

 gs.info("preprocessAuthCode=" + requestParamMap);
// 		gs.info("preprocessAuthCode=" + requestParamMap.getBody());
// 		gs.info("preprocessAuthCode=" + requestParamMap.getparameters());
// 		gs.info("preprocessAuthCode=" + requestParamMap.getContentType());
		

    },

    preprocessAccessToken: function(requestParamMap) {
        gs.info("testing preprocessAccessToken=" + requestParamMap);

    },

    postprocessAccessToken: function(accessTokenResponse) {
        gs.info("testing postprocessAccessToken=" + accessTokenResponse);
        var contentType = accessTokenResponse.getContentType();
        var contentBody = accessTokenResponse.getBody();
        gs.info("testing=" + contentType);
        gs.info("testing=" + contentBody);
      /*  if (contentType && contentType.indexOf('application/json') != -1) {
            var tokenResponse = (new global.JSON()).decode(accessTokenResponse.getBody());
            var paramMap = accessTokenResponse.getparameters();
            for (param in tokenResponse)
                paramMap.put(param, tokenResponse[param].toString());
        }*/
    },

    type: 'OAuthJSSmartSheet'
};

 

Labels:
  • 1,809 Views
16 REPLIES 16

Vinayak Belgaon
Mega Guru
Mega Guru
In response to iwai

‎04-28-2020 10:47 AM

Thank You @iwai  i was able to parse the requestParamMap object using the getKeys() method of object like you mentioned. But later i realised that the function preprocessAuthCode() is getting called before the rest message is getting hit for oauth initiator. 

The issue i am facing is, when smartsheet sends the token through the redirect url, the preprocessAccessToken or postprocessAccessToken are not being called, due to which i am not able to parse the access token.

0 Helpfuls

iwai
Giga Sage
In response to Vinayak Belgaon

‎04-28-2020 05:47 PM

Hi  @Vinayak Belgaonkar 

Isn't the code sent by the redirect an Auth Code?
"oauth_redirect.do?code="
It's not an Access Token.
Request the AccessToken with the Auth Code.

Check the description of Auth Code and Access Token in Smartsheet

I have OAuth authentication for Slack.
It may be different from Smartsheet.

* Application Registries: Slack OAuth
OAuth API Script: OAuthUtil (Modified for analysis)
Default Grant type: Authorization Code

tiem: 2020-04-29 07:33:22.978 > OAuthUtilTestSlack.initialize
time: 2020-04-29 07:33:22.981 > OAuthUtil.preprocessAuthCode( [object GlideOAuthStringMap]:requestParamMap )
requestParamMap.getKeys() > "scope,response_type,state,redirect_uri,client_id"

* Slack OAuth screen is displayed. Press the confirmation button.

time: 2020-04-29 07:33:28.249 > OAuthUtil.initialize()
time: 2020-04-29 07:33:28.250 > OAuthUtil.preprocessAccessToken( [object GlideOAuthStringMap]:requestParamMap )
//[object GlideOAuthStringMap]:requestParamMap
val getKeys=[object String ] "code,grant_type,redirect_uri,client_secret,client_id",
val code=[object String] "*******",
val grant_type=[object String] "authorization_code",
val redirect_uri=[object String] "https://dev*****.service-now.com/oauth_redirect.do),
val client_secret=[object String] "********************" ,
val client_id=[object String] "59*********",

time: 2020-04-29 07:33:28.568 > OAuthUtil.initialize()
time: 2020-04-29 07:33:28.570 > OAuthUtil.postprocessAccessToken( [object GlideOAuthAccessTokenResponse]:accessTokenRespons ) 
[object GlideOAuthAccessTokenResponse].getBody(): [object String] {"ok":true,"app_id":...."access_token":"xoxp-...
time: 2020-04-29 07:33:28.669 > Business Rule [TableName: oauth_credential]

 

0 Helpfuls

iwai
Giga Sage
In response to iwai

‎04-28-2020 08:44 PM

In my experience, this OAuth Script fails authentication with a small Error.
"try {} catch (ex) {}"
I did a careful research using this.
This was often an error because of the Scope Script.
An error will occur in reference, initial value or comparison.
I've learned that this is a trivial thing that results in an error.

0 Helpfuls

Jonah Piascik
Tera Expert
In response to iwai

‎05-05-2021 05:11 AM

Was there any progress in getting this to work?  I'm trying to build an OAuth Integration with Smartsheet as well using the OAuth Application Registry in SN.  When executing Get OAuth Token, I receive a 401 unauthorized response from ServiceNow after Allowing access via Smartsheet OAuth:

Subject: OAuth HTTP Error 401 - Unauthorized

Description: When requesting an OAuth Token from Smartsheet API, Smartsheet Authentication succeeds, but OAuth redirect returns a 401 - Unauthorized, and we can observe the following in the Debug Log:

OAuthRedirectProcessor caught a OAuthRequestProblemException with message OAuthProblemException{error='invalid_request', description='Not allowed parameters: expires_in', uri='null', state='null', scope='null', redirectUri='null', responseStatus=0, parameters={}}

0 Helpfuls

iwai
Giga Sage
In response to Jonah Piascik

‎05-05-2021 04:32 PM

Perhaps the system is encountering an error when requesting an Access Token.
The reason for this is that it contains the parameter "expires_in" which is not allowed.

Smartsheet Get Access Token: https://smartsheet-platform.github.io/api-docs/#get-access-token

  • Get Access Token
    • Parameters
      • client_id
      • client_secret
      • code
      • grant_type
      • hash
OAuthRedirectProcessor caught a OAuthRequestProblemException with message OAuthProblemException{
  error = 'invalid_request',
  description = 'Not allowed parameters: expires_in',
  uri = 'null',
  state = 'null',
  scope = 'null',
  redirectUri = 'null',
  responseStatus = 0,
  parameters = {}
}
0 Helpfuls