Question
· Apr. 7

OAuth2: Retrieve access_token and prevent login if it's valid

We have an OAuth server configured as an identity provider, and we have an external application (from another provider) that connects correctly with OAuth.

Due to the needs of the project, what we want to do is the following:

  • If the user is not authenticated, show the OAuth login page, have them log in, and redirect them to the third-party app --> This part works
  • If the user is already authenticated (already logged in and already has a valid access_token), we create a cookie with the access_token generated at login, and when entering the third-party application URL, instead of showing the OAuth login, if the access_token is valid, redirect directly to the third-party application --> This is the part we can't get working

What do we have?

  • We have created a custom class "test.oauth.server.Authenticate" that extends from %OAuth2.Server.Authenticate.
  • We've added the BeforeAuthenticate method. Here we're able to read the request cookies, find the one we created, get the access_token, validate it, and then get the token itself:
Include Ensemble

Class test.oauth.server.Authenticate Extends %OAuth2.Server.Authenticate
{

ClassMethod BeforeAuthenticate(scope As %ArrayOfDataTypes, properties As %OAuth2.Server.Properties) As %Status
{
    $$$LOGINFO("Entrando en BeforeAuthenticate")

    Set currentNS = $Namespace
    Set httpRequest = %request
    Set tokenCookie = httpRequest.GetCookie("SessionToken")

    If tokenCookie '= "" {
        // Note: this writes the raw access token to the event log
        $$$LOGINFO("Token encontrado en Cookie: "_tokenCookie)
        
        // Manually call GetAccessToken with the token from the cookie
        If ..GetAccessToken(tokenCookie) {
            Set isValid = ##class(%SYS.OAuth2.Validation).ValidateJWT("ValidarToken", tokenCookie, , , .jsonObject, .securityParameters, .sc)
            $$$LOGINFO(isValid_" ("_sc_"): "_$System.Status.GetErrorText(sc))
            $$$LOGINFO(jsonObject.%ToJSON())
            
            set $Namespace = "%SYS"
            Set token=##class(OAuth2.Server.AccessToken).OpenByToken(tokenCookie,.sc)
            set $Namespace = currentNS
            
            $$$LOGINFO(token_" ("_sc_"): "_$System.Status.GetErrorText(sc))
            
            Quit 1 // Continue without showing the login
        } Else {
            $$$LOGINFO("GetAccessToken rechazó el token")
            Quit $$$OK
        }
    }

    $$$LOGINFO("No se encontró token en Cookie")
    Quit $$$OK
}

ClassMethod GetAccessToken(ByRef AccessToken As %String) As %Boolean
{
    $$$LOGINFO("Entrando en GetAccessToken")
    
    // If we already received a token from BeforeAuthenticate
    If AccessToken '= "" {
        // Token received in GetAccessToken
        // Call the token validation function
        Set sc = ##class(%SYS.OAuth2.Validation).ValidateJWT("ValidarToken", AccessToken, , , .jsonObject, .securityParameters)
        // Read the subject only if validation produced a claims object
        Set user = $Select($IsObject($Get(jsonObject)):jsonObject.sub, 1:"")
        $$$LOGINFO("Token válido. Usuario: "_user)
        If user '= "" {
            $$$LOGINFO("Usuario autenticado: "_user)
            Quit $$$OK
        } Else {
            $$$LOGINFO("El usuario está vacío.")
            Quit 0  // Return 0 if the user is empty
        }
    }
    
    Quit 0  // Make sure to return 0 if no token was obtained
}

}

But no matter what, even if we have the access_token, open the OAuth Token object, etc., it still shows the login. We think we're missing something, but we don't know what...

What can we do? Any ideas?

Thank you!

Question
· Apr. 6

Query variable column names

Hi,

How can I query fields by passing them in variable names, e.g. I would like to query the columns Book & Author from e.g. the following:

Set var1="Book", var2="Author"

Select var1,var2 from myTables.Books

I tried @var1 or %var1 and it didn't work

Thanks

3 Comments
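
An added example, not part of the original post or its comments: column names cannot be bound as ? parameters, so one way to select columns named in variables is to check each requested name against a fixed allow-list before building the Dynamic SQL text. The class name Demo.BookQuery, its ALLOWED parameter, and the assumption that myTables.Books has Book and Author columns are hypothetical.

```objectscript
/// Hypothetical helper class (added example, not from the post).
Class Demo.BookQuery Extends %RegisteredObject
{

/// Columns callers may request (assumed names; adjust to the real table).
Parameter ALLOWED = "Book,Author";

/// Run SELECT <cols> FROM myTables.Books for a comma-separated list of
/// column names such as "Book,Author". Returns "" and an error status
/// if any requested name is not on the allow-list.
ClassMethod SelectColumns(cols As %String, Output sc As %Status) As %SQL.StatementResult
{
    Set sc = $$$OK
    Set allowed = $ListFromString(..#ALLOWED, ",")
    Set selected = ""
    For i = 1:1:$Length(cols, ",") {
        // Trim surrounding whitespace from each requested name
        Set name = $ZStrip($Piece(cols, ",", i), "<>W")
        // Only exact (case-sensitive) matches against the allow-list
        // are ever concatenated into the SQL text.
        If '$ListFind(allowed, name) {
            Set sc = $$$ERROR($$$GeneralError, "Column not allowed: "_name)
            Quit  // leaves the For loop
        }
        Set selected = selected_$ListBuild(name)
    }
    Quit:$$$ISERR(sc) ""

    Set sql = "SELECT "_$ListToString(selected, ", ")_" FROM myTables.Books"
    Set stmt = ##class(%SQL.Statement).%New()
    Set sc = stmt.%Prepare(sql)
    Quit:$$$ISERR(sc) ""
    Quit stmt.%Execute()
}

}
```

A caller would pass the variables joined by a comma, for example SelectColumns(var1_","_var2, .sc), check sc, and then iterate the result with %Next() and %GetData().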
Announcement
· Apr. 6

Key Questions of the Month: March 2025

Hey Community,

It's time for the new batch of #KeyQuestions from the previous month.

Here are the Key Questions of March chosen by InterSystems Experts within all Communities:

📌 Message Count by @Farman Ullah (EN)

📌 Walking a virtual document's structure by @Colin Brough (EN)

These questions will be highlighted with the #Key Question tag, and their authors will get the Key Question badge on Global Masters.

If you find the key question(s) from other communities interesting, just drop us a line in the comments and we will translate the question(s) and the accepted answer(s).

Congrats, and thank you all for your interesting questions. Keep them coming!

See you next month😉

Question
· Apr. 5

Trying to add #include %occErrors at the beginning of a class declaration fails because VS Code flags it as an error and won't save it

3 Comments