API resources acces
Hi community ,
i worked this last time on the access token generate method , now it's ok, i want use the received access token to have access for asking the resources server.
i found the [%SYS.OAuth2.AccessToken] class which describes how add access token in the http request header , but i don't know how use it in my project.
Do me take only this class or the full package %SYS.OAuth2.
Thank you for helping .
Soufiane,
supposing you have successfully been able to add the token to your client (this depends on ate respective framework) call for Cache resources (via REST API), then on Cache side, if that's where your data (resources) are sitting, you can use something like this:
// decode token data into JSON object
$$$THROWONERROR(tSC,##class(%SYS.OAuth2.AccessToken).GetIntrospection($$$APP,accessToken,.jsonObjectAT))
// check whether the request is asking for proper scope for this service
if '(jsonObjectAT.scope["special-deals") set reason=..#HTTP404NOTFOUND throw
/* finally */
// validate signed access token (JWT)
if '(##class(%SYS.OAuth2.Validation).ValidateJWT($$$APP,accessToken,,,.jsonObjectJWT,.securityParameters,.tSC)) {
set reason=..#HTTP401UNAUTHORIZED
$$$ThrowOnError(tSC)
}