YouTube video: https://www.youtube.com/watch?v=NyFooBktJNE
The Live Coding Team: josh.nerius, dave.slusher, ctomasi
In last week’s Live Coding Happy Hour, we picked up where we left off previous week and figured out how to programmatically get an OAuth Access Token from the oauth_credential table for our Bit.ly integration.
Video Index
- 04:04 - Quick recap of what we did last week
- 06:59 - We want to get the token dynamically
- 09:13 - Exploring the oauth_credential table
- 22:16 - We have a working script to retrieve the token!
- 24:35 - Update our Bit.ly Business Rule to use the new token logic
- 25:07 - We discuss current.update() in an async business rule
- 27:17 - Update the REST Message to use a parameterized Access Token
- 29:04 - YouTube Analytics API and working with OAuth Scopes
- 36:43 - Configure OAuth Provider in ServiceNow including Entity Profile Scopes
- 43:02 - Asking Google for a Refresh Token
- 52:58 - Recap and beer ratings
Useful Resources
Corrections
A Better Approach for Getting Access Tokens
In the Live Coding session, we used a manual approach to query the oauth_credential able to get an Access Token using GlideRecord, but there’s actually a much better way to accomplish this using GlideOAuthClient.
Before (manual GlideRecord lookup)
function getToken(profile, user) {B B B B B var gr = new GlideRecord(‘oauth_credential’);B B B B B B gr.addQuery(‘oauth_requestor_profile.oauth_entity_profile’, profile);B B B B B B gr.addQuery(‘user’, user); B B B gr.query();B B B B B B
B B B if (gr.next()) {B B B B B B B B B B B B gs.debug(‘found it’);B B B B B B B B B B B B B return gr.getValue(‘token’);B B B B B } else {B B B B B B B B B B B B gs.debug(’:(‘);B B B B B B } }
var token = getToken(oauthProfileId, userId);
After (using GlideOAuthClient API)
// Initialize client and get a token objectB var oauthClient = new sn_auth.GlideOAuthClient(); var tokenObject = oauthClient.getToken(restMessageId, oauthProfileId);B var accessToken = tokenObject.getAccessToken();B gs.debug(‘Access Token: ‘ + accessToken);
Handling a non-expiring token
I mentioned that I’d show you how to handle the non-expiring token sent by Bit.ly, but didn’t get around to it during the broadcast.
To accomplish this, we need to add a single line to the postProcessAccessToken method in our custom OAuthBitlyHandler Script Include:
// Manually set the expire time to 1 year in seconds (60 * 60 * 24 * 365) paramMap.put(b expires_in’, b 31536000’);
In this example, I’ve set the expiration time to 1 year, but you should set this to whatever value makes sense for you and your password rotation schedule (you should go and regenerate this periodically for security reasons, even if the the API doesn’t enforce token rotation).
Share this post
Twitter
Facebook
Reddit
LinkedIn
Email