Hi all,
I need your help again, as now I’m stuck with getting REST services to work the web module (I’m developing a little module displayed in a frame with joint.js, and I need some interaction)
I’ve got stuck at the first step, at obtaining the oauth token[Getting an OAuth token] (Getting an OAuth Token - CUBA Platform. Developer’s Manual)
First I thought it was not enabled, as the documentation states, it’s not switched on by default for the web module, but the checkbox is gone from the mentioned screen (Project properties>Edit>Advanced) However I’ve found
in web-dispatcher-spring.xml, so I think it’s enabled. Then I’ve created cuba-rest-services.xml(see attached) file with one service in it for now, put it into the config, and added a username/password as well in web-app.properties:
I think if you change any of the properties files, changes will have effect only when you restart the app.
The main thing here is that you will need two set of passwords here in order to get the token one is set in cuba.rest.client.id and cuba.rest.client.password in your (web-)app.properties and the second is a live user what you put in the details. You’ll have to Base64 encode the first pair by joining them with a ‘:’ and then put it to the header int the key “Authorization”, prepended with "Basic "
Hi Brian,
That is what I said in my answer - in the request body there must be credentials of the real user, e.g. admin/admin. cuba.rest.client.id and cuba.rest.client.password is used for basic authentication of the request.
In the Authorization header you must pass the the client id and secret, separated by a single colon (":") character, within a base64 encoded string. You changed the value for the cuba.rest.client.id and cuba.rest.client.secret values, but still use the Authorization header value for the default settings.
As for the body, you must pass not the cuba.rest.client.id and cuba.rest.client.secret values there, but login and password of some existing user.
that makes sense now, and it works
I think it would worth mentioning this in the documentation, as your key sentence, which resolves everything is REALLY missing from there… (Getting an OAuth Token - CUBA Platform. Developer’s Manual)
“In the Authorization header you must pass the the client id and secret, separated by a single colon (”:“) character, within a base64 encoded string.”
In addition to the above, I had to add grant_type, username and password to the x-www-form-urlencoded body as additional parameters. Strange thing was that for the username and password used here I had to use a standard cuba username/pwd (e.g. admin/admin) instead of the cuba.rest.client.id and cuba.rest.client.secret as the docs suggest.
Nice one Konstantin!
I think what would be really good, to be able to capture the currently logged-in user’s credentials and use them instead of a hardcoded one. I have tried to capture them on the loginwindow, by overriding the login function, but because of the “remember me” feature I get only the hash token as password…