This tutorial shows you the basic of Oauth. We have created a Java Web Application that authenticates the user to salesforce via Oauth 2.0 and then we have performed few CRUD operation via the new API.
- SSL enabled Tomcat Server as we have deployed our Web Application on tomcat. Click here for instruction on How to enable SSL on apache Tomcat 7.0
- Salesforce Remote Access Application. Click here for instruction on How to create Remote Access Application on Salesforce?
- Download the application from here and change the name to Services.
Run the Project:
Check out the project from the above URL, import into the eclipse and Run as a Server.
Navigate your browser to https://localhost:8443/Services. You will see the following page:
Click on the link and it will take you the salesforce page for Authentication :
Once you are login into salesforce, It will ask you to allow the Oauth_Apps to access your data:
After clicking on “Approve”button, You will see the below page with few CRUD operation output :
OauthServlet.JavaIn the Servlet initParams, We have defined the clinetSecret, clientId and the redirectUri, You can change it as per your remote application.
@WebInitParam(name = "clientId", value = "3MVG9Y6d_Btp4xp5hntckvnA5QVKsxlc4RUx9CbJndYCQQS4oO7jHAVspS0WdeCXBJlMXO1e9hwQSCjCBB71H"),
// clientSecret is 'Consumer Secret' in the Remote Access UI
@WebInitParam(name = "clientSecret", value = "4518803906379506686"),
// This must be identical to 'Callback URL' in the Remote Access UI
@WebInitParam(name = "redirectUri", value = "https://localhost:8443/Services/OAuthServlet/callback"),
@WebInitParam(name = "environment", value = "https://login.salesforce.com"), })
When the Servlet initializes, it constructs
authUrl, to which it redirects the user to authenticate and authorize access to data:
authUrl = environment+ "/services/oauth2/authorize?response_type=code&client_id="
+ clientId + "&redirect_uri="+ URLEncoder.encode(redirectUri, "UTF-8");}
The response.sendRedirect(authUrl) authenticates the users, obtains authorization for the web app to access the user’s data(first time) and then redirects the user back to redirectUri: https://localhost:8443/Services/OAuthServlet/callback
When control returns to the Servlet, we use the returned data to build a POST request and send it to
tokenUrland we get the response(access token and instance Url) from authorization server in JSON format.
TestApi.javaAs we have access token, Here we have just perform few CRUD operation i,e showAccounts, createAccount,deleteAccount and updateAccounts. In every HttpClient calls, we set a request header,
Authorizationto the value
OAuth, followed by a space, and the access token. It is essential to do this for every interaction with the REST API; failure to do so results in a 401 ‘Unauthorized’ error when submitting the request.
Summary:The application demonstrates how to authenticate and retrieve an access token using Oauth 2.0 and how we can do perform CURD operation with the help of access token.