Il n’y a qu’un seul mode OAUTH qui est impl\u00e9ment\u00e9 et qui est tr\u00e8s proche du three legs flow<\/i> et qui n’est donc pas adapt\u00e9 pour un \u00e9change de serveur \u00e0 serveur.<\/p>\n
L’id\u00e9e principale est que :<\/p>\n
l’utilisateur s’authentifie avec le navigateur (et pas en mode BASIC Authentication !) via le serveur OAM. Il faut d\u00e9marrer le processus par une authentification car l’API suivante ne g\u00e8re pas la redirection provoqu\u00e9e par la phase d’authentification (sujet \u00e0 creuser pour voir s’il n’y a pas un contournement… ).<\/p>\n
Une fois authentifi\u00e9, un script javascript peut r\u00e9cup\u00e9rer un token d’acc\u00e8s en d\u00e9clenchant l’URL suivante en mode GET:<\/p>\n
https:\/\/<tenant>.documents.us2.oraclecloud.com:443\/documents\/web?IdcService=GET_OAUTH_TOKEN<\/pre>\nLe resultat JSON est de la forme:<\/p>\n
{\r\n\"LocalData\":\r\n{\r\n\"IdcService\": \"GET_OAUTH_TOKEN\",\r\n\"StatusCode\": \"0\",\r\n\"StatusMessage\": \"You are logged in as 'XXXX57507062C91FXXXXX9015'.\",\r\n\"StatusMessageKey\": \"!csUserLoggedIn,XXXXXX507062C9XXXXXX9015\",\r\n\"dUser\": \"XXXXXXXXXXXXXXXX57507062CXXXXX4E9015\",\r\n\"dUserFullName\": \"Patrick Monaco\",\r\n\"expiration\": \"604799\",\r\n\"idcToken\": \"111111:XXXXXXXXXXXXXXXB5B8634EE2D\",\r\n\"localizedForResponse\": \"1\",\r\n\"tokenValue<\/strong>\": \"zzzzzzzzzzzNhdGhldGVydHJp......... K8nhD5G8e80TdPxIdogebT\r\nmIRrLCar8LQkmnAX5PbfnGg\"\r\n},\r\n\"ResultSets\":\r\n}<\/pre>\nC’est le tokenValue<\/strong> qu’il faut utiliser lors des appels ulterieurs d’apis REST en l’ajoutant syst\u00e9matiquement dans la variable de header:<\/p>\n
Authorization: Bearer<\/strong> <tokenValue><\/pre>\n","protected":false},"excerpt":{"rendered":"Il n’y a qu’un seul mode OAUTH qui est impl\u00e9ment\u00e9 et qui est tr\u00e8s proche du three legs flow et qui n’est donc pas…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"ppma_author":[150],"class_list":["post-3752","post","type-post","status-publish","format-standard","hentry","category-dev"],"authors":[{"term_id":150,"user_id":1,"is_guest":0,"slug":"admin8700","display_name":"Patrick","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/209d5ed69b74d288390621ab4c1d3773?s=96&d=mm&r=g","0":null,"1":"","2":"","3":"","4":"","5":"","6":"","7":"","8":""}],"_links":{"self":[{"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/posts\/3752","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/comments?post=3752"}],"version-history":[{"count":4,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/posts\/3752\/revisions"}],"predecessor-version":[{"id":3928,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/posts\/3752\/revisions\/3928"}],"wp:attachment":[{"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/media?parent=3752"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/categories?post=3752"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/tags?post=3752"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/gpmfactory.com\/index.php\/wp-json\/wp\/v2\/ppma_author?post=3752"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}