OAuthAPI.InitNativeApp

To be called in a Genero mobile app accessing a secure RESTful web service directly (not behind a Genero Application Server).

Syntax

InitNativeApp(
  cnx_timeout INTEGER,
  tokens OpenIdCResponseType,
  client_id STRING,
  client_secret STRING,
  token_end_point STRING)
RETURNS BOOLEAN
  1. cnx_timeout is the connection timeout to the REST service, in seconds.
  2. tokens is the record provided by the OAuthAPI.RetrievePasswordTokenForNativeApp function. It contains the access token for the RESTful web service, together with the information (its expiry, and so on) that allows the token to be refreshed.
  3. client_id is the application ID assigned to the app when registered.
  4. client_secret is the application secret created for the app.
  5. token_end_point is the token endpoint of the Identity Provider (IdP) securing the service.

Returns FALSE if the mandatory access token is null.

Usage

Use this function to register the access token to be used when a Genero mobile app has to connect to a service (server side), and/or when that service has in turn to connect (as a service client) to another protected service. The function checks whether the OAuth service is initiated.

The role of the function is to register the access token with the GWS, so that you can then call any of the OAuthAPI methods, such as CreateHTTPAuthorizationRequest, to perform requests to the service or services, and the GWS will be able to refresh the token when it expires without having to restart the application.

In case of error, a NULL value will be returned.

The access token and the access token expiration date, which are required to refresh the token when it expires, must first be set with a call to RetrievePasswordTokenForNativeApp to the IdP. Therefore, you must call InitNativeApp() with the OpenIdCResponseType record where the tokens are stored.

If you need to get metadata, a call to FetchOpenIDMetadata() saves the metadata in an OpenIDMetadataType record.

OAuthAPI.InitNativeApp function

IMPORT FGL OAuthAPI

DEFINE metadata OAuthAPI.OpenIDMetadataType
DEFINE token, refresh STRING
DEFINE expire INTEGER
DEFINE usr, pass STRING
DEFINE client_id, secret_id STRING
DEFINE scope STRING
DEFINE idp_url STRING

MAIN

# Enter the following information:
LET idp_url = ""   # The IdP's issuer URL
LET usr = ""       # A valid username
LET pass = ""      # Password for the above username
LET client_id = "" # The client ID of an application registered in GIP
LET secret_id = "" # The client secret from the same application

TRY
    # Read the IdP metadata (including the token endpoint), 5-second timeout
    CALL OAuthAPI.FetchOpenIDMetadata(5, idp_url)
        RETURNING metadata.*
    IF metadata.issuer IS NULL THEN
        DISPLAY "IdP not available"
        EXIT PROGRAM 1
    ELSE
        # Request the access token from the IdP with the user's credentials
        CALL OAuthAPI.RetrievePasswordTokenForNativeApp(5, metadata.token_endpoint, usr, pass, client_id, NULL, scope)
            RETURNING token, expire, refresh
        IF token IS NULL THEN
            DISPLAY "Unable to retrieve token"
            EXIT PROGRAM 1
        ELSE
            # Token values are displayed here for demonstration only
            DISPLAY "Access token value: ", token
            DISPLAY SFMT("Token expires in %1 seconds", expire)
            IF refresh IS NOT NULL THEN
                DISPLAY "Refresh token value: ", refresh
            ELSE
                DISPLAY "No refresh token"
            END IF
            # Register the token with the GWS so that it can be refreshed.
            # Note: the Syntax section above declares five parameters, the second
            # being an OpenIdCResponseType record, whereas this call passes the
            # token, expiry and refresh token as separate arguments. Match the
            # call to the signature of the OAuthAPI version you are using.
            IF NOT OAuthAPI.InitNativeApp(5, token, client_id, secret_id, metadata.token_endpoint, expire, refresh) THEN
                DISPLAY "Cannot initiate refresh token service"
            END IF
        END IF
    END IF
CATCH
    DISPLAY "ERROR : ", status, sqlca.sqlerrm
    EXIT PROGRAM 1
END TRY

END MAIN
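
Once InitNativeApp() has returned TRUE, requests to the protected service go through OAuthAPI methods such as CreateHTTPAuthorizationRequest. The following is an added example, not part of the original documentation: the helper name get_protected, the 5-second timeout and the single-URL-argument form of CreateHTTPAuthorizationRequest are assumptions, and the HTTPS check is added so that the access token is never attached to a cleartext request.

```4gl
IMPORT com
IMPORT FGL OAuthAPI

# Hypothetical helper: GET a protected resource after InitNativeApp() succeeded.
# Returns the HTTP status code (-1 on local failure) and the body (NULL unless 200).
FUNCTION get_protected(url STRING) RETURNS (INTEGER, STRING)
    DEFINE req  com.HTTPRequest
    DEFINE resp com.HTTPResponse
    DEFINE code INTEGER

    # The bearer token travels with the request, so refuse non-HTTPS URLs.
    IF url IS NULL OR url.toLowerCase().getIndexOf("https://", 1) != 1 THEN
        DISPLAY "Refusing to send the access token to a non-HTTPS URL"
        RETURN -1, NULL
    END IF

    TRY
        # Assumed signature: takes the service URL and returns a
        # com.HTTPRequest that carries the registered access token.
        LET req = OAuthAPI.CreateHTTPAuthorizationRequest(url)
        CALL req.setMethod("GET")
        CALL req.setTimeOut(5)
        CALL req.doRequest()
        LET resp = req.getResponse()
        LET code = resp.getStatusCode()
    CATCH
        # Report the error code only; never display the token itself.
        DISPLAY SFMT("Request failed, status %1", status)
        RETURN -1, NULL
    END TRY

    CASE code
        WHEN 200
            RETURN code, resp.getTextResponse()
        WHEN 401
            DISPLAY "Access token rejected by the service"
        WHEN 403
            DISPLAY "Access token accepted but not authorized for this resource"
        OTHERWISE
            DISPLAY SFMT("Unexpected HTTP status %1", code)
    END CASE
    RETURN code, NULL
END FUNCTION
```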