1

I'm trying to login automatically in the REST Services of Magento. Everything just works fine. Except I always need to enter the authorizations URL manually. I'm trying to find a service or something were I can put the authorizations URL and get the verification code back from it. Without doing it manually.

I used this code/tutorial: http://blog.jerrysapps.com/2012/11/05/using-the-magento-rest-api-in-java-with-scribe/

Thanks.

edit: Now you need to do the Authorization step manually, you need to click on a button to 'approve' and need to be logged in to the back-end of Magento. I want to do this automatically. So the step of authorization and the loggin to the backend needs to be automatically

Improve this question
2
  • I'm not sure I fully understood your question - please elaborate. Commented Feb 4, 2013 at 7:30
  • Edited the first posts zaske Commented Feb 4, 2013 at 13:08

2 Answers 2

Reset to default
1

I believe you are looking for something like this: Magento REST api authentication

You should keep the oauth_token and the oauth_token_secret. If you're using java, you may take a look at scribe: https://github.com/fernandezpablo85/scribe-java

Magento pull request: https://github.com/fernandezpablo85/scribe-java/pull/325

Magento connection: https://github.com/saleram1/scribe-java/commit/7fef61789236d4dff183bb35ff5ce3a5a01c153a

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Maybe not the best way to go but this worked for me. As I understood the Magento tokens don't expire. They can be manually revoked though. Scribe (mentioned in other answer) was the easiest way I could find to to get authorization. I also use a very handy library, Xstream, with a small FileUtil class, for storing and retrieving the token and service object to/from xml, so that I don't have to authorize and get new token each time. Maybe not the best practices used and some unecessary code but it requires one time authorization only. First I use the createService() and then the start() method from Authorization class. Below are the Java classes used:

MagentoApi.java

package somepackage;

import org.scribe.builder.api.DefaultApi10a;
import org.scribe.model.Token;

public class MagentoApi extends DefaultApi10a {

private static final String AUTHORIZE_URL = "http://domain.com/admin/oauth_authorize";

@Override
public String getAccessTokenEndpoint() {
    return "http://domain.com/oauth/token";
}

@Override
public String getRequestTokenEndpoint() {
    return "http://domain.com/oauth/initiate";
}

@Override
public String getAuthorizationUrl(Token requestToken) {
    return AUTHORIZE_URL+"?oauth_token="+requestToken.getToken();
}

}

Authorization.java

package somepackage;

import com.thoughtworks.xstream.XStream;
import java.io.File;
import java.util.Scanner;
import org.scribe.builder.ServiceBuilder;
import org.scribe.model.Token;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;


public class Authorization {

private OAuthService service;
private Token requestToken;
private Token accessToken;
private String authUrl;

public Token start() {

    File f = new File("token.xml");
    if (f.exists()) {
        System.out.println("Feching Existing Token");
        loadToken();
        return accessToken;
    }

    Scanner in = new Scanner(System.in);

    System.out.println("--- Magento OAuth Authorization ---\n");
    System.out.println("Fetching The Request Token...");
    requestToken = service.getRequestToken();
    System.out.println("Got The Request Token!\n");
    System.out.println(" Go & Authorize Magento Here:");
    authUrl = service.getAuthorizationUrl(requestToken);
    System.out.println(authUrl);
    System.out.println("\nPaste The Verifier Here:");
    System.out.print(">> ");
    Verifier verifier = new Verifier(in.nextLine());
    System.out.println("\nTrading The Request Token For An Access Token...");
    accessToken = service.getAccessToken(requestToken, verifier);
    System.out.println("Got the Access Token!");
    saveToken();
    return accessToken;
}

public OAuthService createService() {

    File f = new File("service.xml");
    if (f.exists()) {
        System.out.println("Feching Existing Service");
        loadService();
        return service;
    }
    service = new ServiceBuilder()
            .provider(MagentoApi.class)
            .apiKey("Consumer Key")
            .apiSecret("Consumer Secret")
            .build();
    saveService()
    return service;
}

 public void saveService() {
    File file = new File("service.xml");
    XStream xstream = new XStream();
    xstream.alias("service", OAuthService.class);
    String xml = xstream.toXML(service);
    try {
        FileUtil.saveFile(xml, file);
    } catch (Exception e) {
    }
}

public void saveToken() {
    File file = new File("token.xml");
    XStream xstream = new XStream();
    xstream.alias("token", Token.class);
    String xml = xstream.toXML(accessToken);

    try {
        FileUtil.saveFile(xml, file);
    } catch (Exception e) {
    }
}

@SuppressWarnings("unchecked")
public void loadService() {

    File file = new File("service.xml");
    XStream xstream = new XStream();
    xstream.alias("service", OAuthService.class);
    try {
        String xml = FileUtil.readFile(file);
        service = (OAuthService) xstream.fromXML(xml);
    } catch (Exception e) {

    }
}

@SuppressWarnings("unchecked")
public void loadToken() {

    File file = new File("token.xml");
    XStream xstream = new XStream();
    xstream.alias("token", Token.class);
    try {
        String xml = FileUtil.readFile(file);
        accessToken = (Token) xstream.fromXML(xml);
    } catch (Exception e) {
    }
}

}

FileUtil.Java

package somepackage;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.file.Files;

public class FileUtil {

private static final Charset CHARSET = Charset.forName("UTF-8");

public static String readFile(File file) throws IOException {
    StringBuilder stringBuffer = new StringBuilder();
    BufferedReader reader = Files.newBufferedReader(file.toPath(), CHARSET);
    String line = null;
    while ((line = reader.readLine()) != null) {
        stringBuffer.append(line);
    }
    reader.close();
    return stringBuffer.toString();
}

public static void saveFile(String content, File file) throws IOException {
    BufferedWriter writer = Files.newBufferedWriter(file.toPath(), CHARSET);
    writer.write(content, 0, content.length());
    writer.close();
}
}
Improve this answer

1 Comment

If I were to deploy these codes into a WAR file and send to production server, how am i going to keep the Verifier Code first time authenticated with Magento? Which node of token.xml or service.xml i should paste the Verifier code into it?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.