Appirio's Tech Blog

Wednesday, July 28, 2010

Using the Salesforce.com OAuth Playground

Jeff Douglas

My article on developer.force.com, Using OAuth to Authorize External Applications, shows how to develop external Java applications that use OAuth to access your Saleforce.com data. But what if you want to do the opposite? What if you need to write an application on the Force.com platform that uses your data from Google, Twitter, LinkedIn or TripIt using OAuth? Luckily Jesper Jorgenson at Salesforce.com posted an open source project called sfdc-oauth-playground which is a generic consumer implementation of OAuth as a Force.com App.

The main purpose of this beta project is to show you how to write OAuth signed requests in Apex. There is a managed packaged you can install into your org but if you really want to dig into the guts of OAuth (and who doesn’t??) you’ll need to download and install the source code from the project. The managed package doesn’t afford you to opportunity to modify code or view granular debug statements.

Jesper doesn’t provide much documentation for the project so I’ve put together a short video showing how to get started using Google Accounts and Blogger. Unfortunately different providers implement OAuth to their own liking so you sometimes have to make modifications to the requests being sent over the wire. I ran into a number of issues so hopefully this will assist you in getting up and running with OAuth.




In case you don’t have time for the video, here are a couple of screenshots outlining the process using the OAuth Consumer Playground application from the managed package.

Create a new OAuth Service (e.g., Blogger) with various URLs for accessing services


Authorize Salesforce access to Blogger


Grant access to Blogger


Authorization confirmation



OAuth Service access tokens


Testing the service

Labels: , ,
Posted by Jeff Douglas at 10:51 AM

| More

7 comments:

  1. Great video and documentation, Jeff! However, I'm running into a 400 "Bad Request" error. Here are a few debug lines --- don't expect you to debug this, but would appreciate any suggestions! THX.


    07:58:00.295 (295377000)|VARIABLE_ASSIGNMENT|[61]|this|{"callbackUrl":"https%3A%2F%2Ftapp0.salesforce.com%2Fapex%2Fcompleteauth","consumerKey":"anonymous","consumerSecret":"anonymous","isAccess":false,"nonce":"3381687849062010773","parameters":"0xa4658914","service":"0x8b4a44a","signature":"HTUf31zcd9TB6DCRFYQhvQjjl0o%3D","timestamp":"1297169880"}|0x144a3b6
    07:58:00.295 (295436000)|VARIABLE_SCOPE_END|[61]|this
    07:58:00.295 (295476000)|METHOD_EXIT|[61]|OAuth.sign(System.HttpRequest)
    07:58:00.295 (295527000)|STATEMENT_EXECUTE|[62]|DeclareVar: System.HttpResponse res
    07:58:00.295 (295560000)|VARIABLE_SCOPE_BEGIN|[62]|res|HttpResponse|true
    07:58:00.295 (295620000)|STATEMENT_EXECUTE|[63]|Condition
    07:58:00.295 (295692000)|STATEMENT_EXECUTE|[66]|Block with 1 statement
    07:58:00.295 (295744000)|STATEMENT_EXECUTE|[67]|System.HttpResponse res <= MethodInvocation
    07:58:00.295 (295791000)|METHOD_ENTRY|[67]|System.Http.send(APEX_OBJECT)
    07:58:00.295 (295880000)|CALLOUT_REQUEST|[67]|System.HttpRequest[Endpoint=https://www.google.com/accounts/OAuthGetRequestToken?scope= https%3A%2F%2Fwww.blogger.com%2Ffeeds%2F, Method=GET]
    07:58:00.415 (415603000)|HEAP_ALLOCATE|[EXTERNAL]|Bytes:1513
    07:58:00.415 (415727000)|CALLOUT_RESPONSE|[67]|System.HttpResponse[Status=Bad Request, StatusCode=400]

    ReplyDelete

  2. Have you tried debugging it with the OAuth Playground to make sure the request are structured the same. http://googlecodesamples.com/oauth_playground/

    ReplyDelete

  3. Hi,

    I have a wcf rest service which I want to access in salesforce and authenticate. I do not want a popup for each user to grant or deny access to wcf service. All I need to make sure that the request coming from salesforce is not tampered and it is a legitimate request. A person who know about the wcf url should not be able to make a request unless authenticated using OAuth. Is OAuth Playground is the right candidate?
    Please suggest..
    Appreciate your effort..
    Thanks
    Abby

    ReplyDelete

  4. Hi Jeff,
    Could you explain us how to use this oAuth playgroud for Twitter APp.
    We are trying it out but not even able to configure at the first level.

    It would be of great help if you can explain us how to use this for twitter.

    Thanks
    Santosh
    email: mailme.dsvr574@gmail.com

    ReplyDelete

  5. Hi Jeff,
    Thanks for this great video.Just wanted to know that i have my application which provide the service to write event in gmail calendar using oauth but i want if my user have a login with me how could i let them go and play in gmail caledar and should reflect same in my application calendar.Could you please share some idea on this .
    Thanks

    ReplyDelete

  6. Hi Jeff,

    I am trying the same for twitter, but when I authorize oAuth record, it throws an error to me.
    Problem: Failed getting a request token. HTTP Code = 401. Message: Unauthorized. Response Body: Desktop applications only support the oauth_callback value 'oob' /oauth/request_token

    I searched a lot to find the solution, but couldn't find anything yet.

    Can you please help me ?

    ReplyDelete

  7. Hi Jeff!
    Hope you're well...
    I read a post on the SFDC community board that, in short, says you can use OAuth to report on Social Contact usage
    Is this correct?
    And if so can you explain please
    Thanks!
    Jenn
    http://success.salesforce.com/questionDetail?qId=a1X30000000KWJzEAO

    ReplyDelete

Subscribe to: Post Comments (Atom)
 
2006-2012 Appirio Inc. All rights reserved.
Appirio.com | Support | Resource Center | Contact | Careers | Privacy Policy