Issue with refresh token

Go to solution
Rithvik
Tera Contributor

‎02-24-2022 01:38 AM

I used the below code, to generate access token with refresh token, from the below code I am getting access token but for refresh token I am getting "NULL" what is the reason for it? any idea?

 

username and passwords are correct only and also passed correct application registry

var oAuthClient = new GlideOAuthClient();
var params ={grant_type:"password", username:"itil", password:'itil'};
var json =new JSON();
var text = json.encode(params);
var tokenResponse = oAuthClient.requestToken('TestClient', text);
var token = tokenResponse.getToken();

gs.log("AccessToken:"+ token.getAccessToken());
gs.log("AccessTokenExpiresIn:"+ token.getExpiresIn());
gs.log(" RefreshToken:"+ token.getRefreshToken());
0 Helpfuls
  • 4,885 Views
1 ACCEPTED SOLUTION

Go to solution
Raghu Ram Y
Kilo Sage

‎02-24-2022 04:17 AM

@Rithvik Check from the 3rd party whether it is IP restricted.

View solution in original post

14 REPLIES 14

Go to solution
Rithvik
Tera Contributor
In response to shloke04

‎02-24-2022 04:54 AM

Is it mandatory to add "Authorization" HTTP Method? because I have seen a lot of examples, no where it was added.

0 Helpfuls

Go to solution
shloke04
Kilo Patron
In response to Rithvik

‎02-24-2022 05:07 AM

If you are using OAUTH then yes you need to add it as shown above else it will not work.

Regards,

Shloke

Hope this helps. Please mark the answer as correct/helpful based on impact.

Regards,
Shloke
0 Helpfuls

Go to solution
Raghu Ram Y
Kilo Sage

‎02-24-2022 04:17 AM

@Rithvik Check from the 3rd party whether it is IP restricted.

Go to solution
Rithvik
Tera Contributor
In response to Raghu Ram Y

‎02-24-2022 04:19 AM

Checked, already it was set to IP Relaxed.

0 Helpfuls

Go to solution
gaurrohi
Tera Expert

‎07-23-2024 01:05 PM

Hi @Rithvik 
I assume you've already configured everything in the application registry for OAuth 2.0 and are using the grant_type password to get the refresh token and access token.

Here’s a suggestion: create two system properties to store the username and password. Use the "password2" type for the password property, or you can use the credentials store for both.

Once you've set up the system properties, create a Script Include and call it periodically from a scheduled job to retrieve the token from the provider.

You have two options:

  1. Retrieve and store the refresh token, then use it to get the access token.
  2. Retrieve both the access and refresh tokens every time the scheduled job runs.

Here we are proceeding with the 02nd option

Create System Properties: I've created two system properties:

  • rg.azure.entra.username – to store the username
  • rg.azure.entra.password – to store the password

Create a Script Include:

 

var EntraTokenFetch = Class.create();

EntraTokenFetch.prototype = {

    initialize: function() {},

 

    tokenFetch: function() {

        try {

            gs.log("Starting tokenFetch...");

 

            // Get the system properties

            var usernameEntra = gs.getProperty('rg.azure.entra.username'); //username stored in sys_properties

            var passwordEntra = gs.getProperty('rg.azure.entra.password'); // password stored in sys_properties

            if (!usernameEntra || !passwordEntra) {

                gs.log("Username or password is not set in the system properties.");

                return;

            }

            gs.log("Username and password retrieved.");

 

            var requestor_context = 'test';

            var requestor_id = usernameEntra;

            var oauth_profile_id = '93d6a1f9498544fcb2f76f289c4e7714'; // profile ID [sys_id of  'OAuth Entity Profiles' (oauth_entity_profile) record in OAUTH registry  record]

 

            var params = {

                grant_type: "password",

                username: usernameEntra,

                password: passwordEntra,

                oauth_requestor_context: requestor_context,

                oauth_requestor: requestor_id,

                oauth_provider_profile: oauth_profile_id

            };

 

            gs.log("OAuth parameters set.");

 

            var json = new global.JSON();

            var text = json.encode(params);

 

            var oAuthClient = new sn_auth.GlideOAuthClient();

            gs.log("OAuth client initialized.");

 

            var tokenResponse = oAuthClient.requestToken('7f96b51a47f902500465afb8036d43bd', text); //sys_id  of the OAuth application registry record (oauth_entity)

            if (!tokenResponse) {

                gs.log("Failed to get token response.");

                return;

            }

            gs.log("Token response received.");

 

            var token = tokenResponse.getToken();

           

            if (!token) {

                gs.log("Failed to get token from response.");

                return;

            }

 

            var access_token = token.getAccessToken();

            var refresh_token = token.getRefreshToken();

                                          

            gs.log("AccessToken: " + access_token);

            gs.log("AccessTokenExpiresIn: " + token.getExpiresIn());

            gs.log("RefreshToken: " + refresh_token);

 

        } catch (e) {

            gs.log("Error in tokenFetch: " + e.message);

        }

    },

 

    type: 'EntraTokenFetch'

};

Create a Scheduled Job:

Schedule it as needed and use the following code to call your script:

 

var entraAzureToken = new EntraTokenFetch();

entraAzureToken.tokenFetch();

 

Please mark the response as the correct answer and helpful, This may help other community users to follow the proper solution.

Please mark the response as the correct answer and helpful. This may help other community users to follow the correct solution.

Regards,
Rohit Singh
0 Helpfuls