subject:"LiveCode server as OAuth2 client for APIs\?"

Re: LiveCode server as OAuth2 client for APIs?

2023-12-08 Thread Ralf Bitter via use-livecode


Hi Keith,

to avoid creating too much noise here, let's continue
the conversation on the revIgniter mailing list. You'll find my
answer there.


Ralf



On 07.12.2023 18:01, Keith Clarke via use-livecode wrote:

Hi Ralf,
Thanks for the guidance and updated formHelper script - and apologies to folks 
not using LiveCode Server or RevIgniter - I now realise this should have been 
posted on the use RevIgniter list.

I’ve now got a basic button that submits a form data post to the Salesforce 
authorisation server. However, there are a couple of issues, which are probably 
due to me misreading the user guide (again!) and/or getting confused over what 
markup goes into controller and view files for RevIgniter.

I’m using a controller file to prepare and add to the gData[] array both the 
form contents and submit button, which are then accessed in the view file, 
using the following...



In the controller file, I first used the recipe for ‘Adding Hidden Input 
Fields’ to create an array for the third ‘hidden’ parameter of the 
rigFormOpen() function. This worked as a POST but all the hidden fields are 
visible in the view file’s html. This is rather insecure for authentication, 
revealing consumer_id (and in future, client_secret, which I’ll need to add to 
increase security once basic access is proven).

So, I’m hoping the rigFormHidden(tData) recipe can keep the hidden content 
‘LiveCode-side' until post submission and out of the HTML. So far the hidden 
values don’t seem to be getting into the POST, as I’m getting an unsupported 
request type (so the ‘response_type=code’ is not being received).

I’m sure I am taking the wrong approach, as well as incorrect syntax in my 
controller handler - as if I understand things correctly, the way I’ve got 
parameter three of the rigFormOpen() call pointing at gData[‘hidden’] would, if 
successful, render the hidden contents visible in the view file’s html...

   # Prepare Salesforce login form
   
 # Load form helper library

 rigLoadHelper "form"
   
   # Prepare hidden parameter data array

 put “XXsomeClientIdXX" into aHidden["client_id"]
 put URLencode(“XXsomeRedirectURLXX") into aHidden["redirect_uri"]
 put "code" into aHidden["response_type"]
 put rigFormHidden(aHidden) into gData["hidden"]
 
 # Prepare form

 put rigFormOpen(“XXauthoirisationServerURLXX", “", gData["hidden"]) into 
gData["formOpen"]
 
 # Prepare submit button

 put "sfLoginBtn" into aData["name"]
 put "sfLoginBtn" into aData["id"]
 put "btn btn-primary" into aData["class"]
 put "submit" into aData["type"]
 put "Salesforce Login" into aData["value"]
 
 put rigSubmitButton(aData) into gData["submit"]
   
   # put "Topic1,Topic2,Topic3" into gData["ListItems"]


   get rigLoadView("homeMainView")

I’m probably making multiple newbie errors, but I’ve been unable to find any 
worked examples of RevIgniter controller and view file markup for form posting. 
So, I’d be obliged for any hints and tips.
Best,
Keith


On 6 Dec 2023, at 17:53, Ralf Bitter via use-livecode 
 wrote:

Hi Keith,

using revIgniter you can always hard code the opening
form tag, this way you can use any URL as an action
attribute.

However, your message has prompted me to change the
rigFormOpen() function so that you can override the
current URL with the value of an optional action
attribute included in the second parameter.
So, if you like, you can download the modified
version of the form helper at:

https://github.com/revig/revigniter/blob/develop/system/helpers/formHelper.livecodescript


Ralf



On 06.12.2023 11:00, Keith Clarke via use-livecode wrote:

Hi folks,
Does anyone have experience of using OAuth2 with LiveCode server, to log into 
third-party data sources for API access?
  I am experimenting with a web based utility app that runs on LiveCode server & 
RevIgniter and I need to be able to log into a Salesforce.com  
account to pull data into the app via APIs. I’m following the Salesforce Oauth 2.0 Web Server 
Flow for Web App Integration 
https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm=5
 and
I’ve configured the LiveCode app as a connected app in a Salesforce developer 
instance, to create a consumer id, with which I can request an authorisation 
code. This requires a POST to a Salesforce endpoint, which, if successful 
redirects to a page on the Salesforce authorisation server to provide login 
credentials. This is where I’m stuck...
The LiveCode OAuth2 library seems to be desktop centric (expecting any 
redirects via the loopback IP address of 127.0.0.1, rather than a URL); the 
RevIgniter forms library seems to support posts to URLs within the LiveCode app 
but not third party URLs; and if I create a LiveCode file to ‘post data to URL 
tSalesforceAuthURL’ from within RevIgniter, I can’t see any option to follow 
redirects and so, unsurprisingly, the page URL doesn’t change.
Any advice

Re: LiveCode server as OAuth2 client for APIs?

2023-12-07 Thread Keith Clarke via use-livecode

Hi Ralf,
Thanks for the guidance and updated formHelper script - and apologies to folks 
not using LiveCode Server or RevIgniter - I now realise this should have been 
posted on the use RevIgniter list. 

I’ve now got a basic button that submits a form data post to the Salesforce 
authorisation server. However, there are a couple of issues, which are probably 
due to me misreading the user guide (again!) and/or getting confused over what 
markup goes into controller and view files for RevIgniter.

I’m using a controller file to prepare and add to the gData[] array both the 
form contents and submit button, which are then accessed in the view file, 
using the following... 

In the controller file, I first used the recipe for ‘Adding Hidden Input 
Fields’ to create an array for the third ‘hidden’ parameter of the 
rigFormOpen() function. This worked as a POST but all the hidden fields are 
visible in the view file’s html. This is rather insecure for authentication, 
revealing consumer_id (and in future, client_secret, which I’ll need to add to 
increase security once basic access is proven). 

So, I’m hoping the rigFormHidden(tData) recipe can keep the hidden content 
‘LiveCode-side' until post submission and out of the HTML. So far the hidden 
values don’t seem to be getting into the POST, as I’m getting an unsupported 
request type (so the ‘response_type=code’ is not being received). 

I’m sure I am taking the wrong approach, as well as incorrect syntax in my 
controller handler - as if I understand things correctly, the way I’ve got 
parameter three of the rigFormOpen() call pointing at gData[‘hidden’] would, if 
successful, render the hidden contents visible in the view file’s html... 

  # Prepare Salesforce login form

# Load form helper library
rigLoadHelper "form"

  # Prepare hidden parameter data array
put “XXsomeClientIdXX" into aHidden["client_id"]
put URLencode(“XXsomeRedirectURLXX") into aHidden["redirect_uri"]
put "code" into aHidden["response_type"]
put rigFormHidden(aHidden) into gData["hidden"]

# Prepare form
put rigFormOpen(“XXauthoirisationServerURLXX", “", gData["hidden"]) into 
gData["formOpen"]

# Prepare submit button
put "sfLoginBtn" into aData["name"]
put "sfLoginBtn" into aData["id"]
put "btn btn-primary" into aData["class"]
put "submit" into aData["type"]
put "Salesforce Login" into aData["value"]

put rigSubmitButton(aData) into gData["submit"]

  # put "Topic1,Topic2,Topic3" into gData["ListItems"]

  get rigLoadView("homeMainView")

I’m probably making multiple newbie errors, but I’ve been unable to find any 
worked examples of RevIgniter controller and view file markup for form posting. 
So, I’d be obliged for any hints and tips.
Best,
Keith

> On 6 Dec 2023, at 17:53, Ralf Bitter via use-livecode 
>  wrote:
> 
> Hi Keith,
> 
> using revIgniter you can always hard code the opening
> form tag, this way you can use any URL as an action
> attribute.
> 
> However, your message has prompted me to change the
> rigFormOpen() function so that you can override the
> current URL with the value of an optional action
> attribute included in the second parameter.
> So, if you like, you can download the modified
> version of the form helper at:
> 
> https://github.com/revig/revigniter/blob/develop/system/helpers/formHelper.livecodescript
> 
> 
> Ralf
> 
> 
> 
> On 06.12.2023 11:00, Keith Clarke via use-livecode wrote:
>> Hi folks,
>> Does anyone have experience of using OAuth2 with LiveCode server, to log 
>> into third-party data sources for API access?
>>  I am experimenting with a web based utility app that runs on LiveCode 
>> server & RevIgniter and I need to be able to log into a Salesforce.com 
>>  account to pull data into the app via APIs. I’m 
>> following the Salesforce Oauth 2.0 Web Server Flow for Web App Integration 
>> https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm=5
>>  and
>> I’ve configured the LiveCode app as a connected app in a Salesforce 
>> developer instance, to create a consumer id, with which I can request an 
>> authorisation code. This requires a POST to a Salesforce endpoint, which, if 
>> successful redirects to a page on the Salesforce authorisation server to 
>> provide login credentials. This is where I’m stuck...
>> The LiveCode OAuth2 library seems to be desktop centric (expecting any 
>> redirects via the loopback IP address of 127.0.0.1, rather than a URL); the 
>> RevIgniter forms library seems to support posts to URLs within the LiveCode 
>> app but not third party URLs; and if I create a LiveCode file to ‘post data 
>> to URL tSalesforceAuthURL’ from within RevIgniter, I can’t see any option to 
>> follow redirects and so, unsurprisingly, the page URL doesn’t change.
>> Any advice greatly appreciated.
>> Best,
>> Keith
>> ___
> 
>

Re: LiveCode server as OAuth2 client for APIs?

2023-12-06 Thread Ralf Bitter via use-livecode


Hi Keith,

using revIgniter you can always hard code the opening
form tag, this way you can use any URL as an action
attribute.

However, your message has prompted me to change the
rigFormOpen() function so that you can override the
current URL with the value of an optional action
attribute included in the second parameter.
So, if you like, you can download the modified
version of the form helper at:

https://github.com/revig/revigniter/blob/develop/system/helpers/formHelper.livecodescript


Ralf



On 06.12.2023 11:00, Keith Clarke via use-livecode wrote:

Hi folks,
Does anyone have experience of using OAuth2 with LiveCode server, to log into 
third-party data sources for API access?
  
I am experimenting with a web based utility app that runs on LiveCode server & RevIgniter and I need to be able to log into a Salesforce.com  account to pull data into the app via APIs. I’m following the Salesforce Oauth 2.0 Web Server Flow for Web App Integration https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm=5 and


I’ve configured the LiveCode app as a connected app in a Salesforce developer 
instance, to create a consumer id, with which I can request an authorisation 
code. This requires a POST to a Salesforce endpoint, which, if successful 
redirects to a page on the Salesforce authorisation server to provide login 
credentials. This is where I’m stuck...

The LiveCode OAuth2 library seems to be desktop centric (expecting any 
redirects via the loopback IP address of 127.0.0.1, rather than a URL); the 
RevIgniter forms library seems to support posts to URLs within the LiveCode app 
but not third party URLs; and if I create a LiveCode file to ‘post data to URL 
tSalesforceAuthURL’ from within RevIgniter, I can’t see any option to follow 
redirects and so, unsurprisingly, the page URL doesn’t change.

Any advice greatly appreciated.
Best,
Keith
___


___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

LiveCode server as OAuth2 client for APIs?

2023-12-06 Thread Keith Clarke via use-livecode

Hi folks,
Does anyone have experience of using OAuth2 with LiveCode server, to log into 
third-party data sources for API access?
 
I am experimenting with a web based utility app that runs on LiveCode server & 
RevIgniter and I need to be able to log into a Salesforce.com 
 account to pull data into the app via APIs. I’m 
following the Salesforce Oauth 2.0 Web Server Flow for Web App Integration 
https://help.salesforce.com/s/articleView?id=sf.remoteaccess_oauth_web_server_flow.htm=5
 and 

I’ve configured the LiveCode app as a connected app in a Salesforce developer 
instance, to create a consumer id, with which I can request an authorisation 
code. This requires a POST to a Salesforce endpoint, which, if successful 
redirects to a page on the Salesforce authorisation server to provide login 
credentials. This is where I’m stuck...

The LiveCode OAuth2 library seems to be desktop centric (expecting any 
redirects via the loopback IP address of 127.0.0.1, rather than a URL); the 
RevIgniter forms library seems to support posts to URLs within the LiveCode app 
but not third party URLs; and if I create a LiveCode file to ‘post data to URL 
tSalesforceAuthURL’ from within RevIgniter, I can’t see any option to follow 
redirects and so, unsurprisingly, the page URL doesn’t change.

Any advice greatly appreciated.
Best,
Keith  
___
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode

Re: LiveCode server as OAuth2 client for APIs?

Re: LiveCode server as OAuth2 client for APIs?

Re: LiveCode server as OAuth2 client for APIs?

LiveCode server as OAuth2 client for APIs?

4 matches

Site Navigation

Mail list logo

Footer information