Example implementation
You can use an OAuth client library to ease OAuth 2.0 adoption for your
application.
The OAuth 2.0 client library handles OAuth-related low-level functionality and provides a simple interface to implement steps documented in the above sections.
See http://oauth.net/2/ for lists of popular OAuth 2.0 client libraries for Java. A sample implementation based on the Apache Oltu OAuth 2.0 Client is provided here. This implementation is a simple web application that integrates with ION API and Infor IFS. These are code snippets to implement OAuth:
Request authorization code
OAuthClientRequest request = OAuthClientRequest
.authorizationProvider("https://mingledev01-sso.mingledev.infor.com:443/ACME_PRD/as/authorization.oauth2")
.setClientId("ACME_PRD~QxG91-i82CO4P7L5R1YR4YwdOyWw5caGh0UqkvqYrUY")
.setRedirectURI("http://sample-oauth2-client.infor.com:8080/SampleAppOAuth2/redirect"
.setResponseType("code")
.buildQueryMessage();
servletResponse.sendRedirect(request.getLocationUri());
Exchange authorization code for access token
OAuthClientRequest request = OAuthClientRequest
.tokenLocation("https://mingledev01-sso.mingledev.infor.com:443/ACME_PRD/as/token.oauth2")
.setGrantType(GrantType.AUTHORIZATION_CODE)
.setClientId("ACME_PRD~QxG91-i82CO4P7L5R1YR4YwdOyWw5caGh0UqkvqYrUY")
.setClientSecret("G1-DsyjDTlC6uzaelRKMZMDkfUU-3SUbs2zNdq-Rf9e0xE2G_mJhjqPCZXUPYHTqXQdMPKEqCwEO94rzmYleBg")
.setRedirectURI("http://sample-oauth2-client.infor.com:8080/SampleAppOAuth2/redirect")
.setCode(code)
.buildQueryMessage();
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthAccessTokenResponse oauthResponse = oAuthClient.accessToken(request);
String accessToken = oAuthResponse.getAccessToken();
String expiresIn = oAuthResponse.getExpiresIn();
Use access token
OAuthClientRequest bearerClientRequest = new OAuthBearerClientRequest("https://mingledev01-ionapi.mingledev.infor.com/ACME_PRD/weather/geolookup/q/FL/32266.json")'+
.setAccessToken(accessToken)'+
.buildQueryMessage();'+
OAuthResourceResponse resourceResponse = oAuthClient.resource(bearerClientRequest, OAuth.HttpMethod.GET, OAuthResourceResponse.class);
Refresh token
String reqParam = "refresh_token="+varRefreshToken+"&grant_type=refresh_token";
OAuthClientRequest oauthrequest = OAuthClientRequest.tokenLocation(https://mingledev01-sso.mingledev.infor.com:443/ACME_PRD/as/token.oauth2+"?"+reqParam)
.buildBodyMessage();
oauthrequest.addHeader("Authorization", "Basic "+authStringEnc);//use client_id as username, client_secret as password
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthResourceResponse resourceResponse = oAuthClient.resource(oauthrequest, OAuth.HttpMethod.POST, OAuthResourceResponse.class);';
Revoke token
String reqParam = "token="+varRefreshToken+"&token_type_hint=refresh_token";
OAuthClientRequest oauthrequest = OAuthClientRequest.tokenLocation(https://mingledev01-sso.mingledev.infor.com:443/ACME_PRD/as/revoke_token.oauth2+"?"+reqParam)
.buildBodyMessage();
oauthrequest.addHeader("Authorization", "Basic "+authStringEnc);//use client_id as username, client_secret as password
OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
OAuthResourceResponse resourceResponse = oAuthClient.resource(oauthrequest, OAuth.HttpMethod.POST, OAuthResourceResponse.class);