on 03-12-2015 3:35 PM
I'm trying to set up the feed widget (group) on one of our customer's portal pages. They are passing the single use token for authentication.
The feed widget works but there is an issue when the single use token passed to the script is generated by a second user. The widget posts comments by the 2nd user with the 1st user's Name on the group feed.
Steps:
1) Generate access token using SAML for user 1.
2) Use the access token to generate single use token for user 1.
3) Pass it to the script. Page now shows the widget. Post comments.
Repeat steps for a second user. The widget still shows that the comments were posted by user 1.
Thanks,
Satish
Thank you for the great support, Rüdiger!
I will look into it. A search feature in API Docs would be helpful 🙂
Best,
Anton
Hi Satish
Are you sure you are authenticating a new user when you ask for the single use token? This functionality is very well validated so I'm not expecting a bug here.
Here's what I would suggest.
Call /Self before you request a single use token. This OData call will validate you are properly logged in as user2 before you retrieve the token for the feed widget. My guess is you still have the assertion for the first user.
Hi Robert,
When I call self, I need to pass the access token associated with the user and the system determines the user correctly.
It is only when I use the widget the issue is occurring.
Can we please have a quick 10 min webex so I can show you what I mean?
I’ll send the invite after you confirm.
Thanks,
Satish
Hi Robert.
I am also working on a JAM-based application.
I built the OAuth 1.0a authorization and it is up and running. I need information (e.g. email, id) of the particular user that I am holding the access_token for. So I just came across your "/self".
Do you have any documentation link for this API? I cannot find it in the official docs.
I tried https://jam<no>.sapjam.com/v1/self and https://jam<no>.sapjam.com/self with an authorized request...both came back with a 404.
Any help is highly appreciated.
Best,
Anton
Hi Anton,
This should be https://.sapjam.com/api/v1/OData/Self .
Documentation is at http://help.sap.com/download/documentation/sapjam/developer/index.html#odata/references/ServiceOpsGE...
Best,
Rüdiger
Anything that doesn't necessarily fit into our OData model is generally in the OData Service operation calls. Also, Anton, you should be thinking about whether other users will use the same browser on the same machine. The other developer on this topic had a shared desktop scenario so he had to worry about logout of the feed widget to allow switching between different users.
It is just the UI based logout:
GET https://jam4.sapjam.com/auth/logout
(on jam4) a POST also works.
Hello Anton,
could you kindly share how you implemented the OAuth 1.0a authentication?
I tried to call JAM API by proceeding with the following steps:
All the calls above are ok except for the 4th, where I always got a 500 error. I don't know if the error is on the server (but I cannot access Jam servers to verify) or it could be caused by a client error call. My questions are:
I also add the info that single sign-on is already configured for me, if that could help to support me on this topic.
Thank you in advance for the help you will provide!
Max
A 500 error is stating that there was an internal server error. Is this actually what is being returned by the call, or is it your application that is returning a 500 error itself? This shouldn't be related to the authorization, and is likely best to be posted as a separate question so it doesn't get lost in here.
You would want to include more details specifically about that last call, whether you are doing a GET, a POST, an example of a payload that you are passing, and what headers that you are setting.
Hi Max,
yes, as Adam states, a 500 error is probably due to some error in your request call to JAM...otherwise it would be a 404 or something. Do you have a screenshot?
Did you sign your request correctly with the key?
I could share some code with you...it is written in PHP and quite complicated due to some different libraries I am using. But if your steps 1 to 3 are fine, then the 4. should be a breeze.
Cheers
Following are my requests:
1) POST:
2) Navigate to:
https://jam12.sapjam.com/oauth/authorize?oauth_token=skm1JCwQ8NdSQrTchcITkxsDKeDLmw4IytIqYDMj
And manually allow from JAM Portal and got the following verifier
oauth_verifier=kCUOHsR5zT7t2qfURiJH
3) POST:
4) GET:
Here I got 500 error.
Could you please help and check the requests above, are they correct?
One more question from my hand: is there a way to bypass/avoid the user manually allowing the request (point 2 above) or use a different way to authenticate, since my environment is Single-Sign-on enabled?
Thanks a lot guys!
Hi There!
Can you try to check your Request with [GET] /oauth/test_request ?
Yes. There is a way to build true SSO with SAML (SAP Jam Developer Guide). But I was unable to implement it and stayed with OAuth 1.0a so far.
Cheers
Hi Anton,
the request to the test service is returning 200 OK
this is the request
Result of the call is:
oauth_consumer_key=#cons_key#&oauth_token=KvXrtjlqDoDotuMmlYPifXWtv5CzdzREux5GIyF1&oauth_signature_method=PLAINTEXT&oauth_signature=#sign_key#&7VMkRoG5V1oqMayEDMedmcv0oKhBwO1t
So it's strange that other webservices like GetGroups, Self, etc. calls fail.
Does using OAuth 1.0 mean forcing the user to manually allow the request? Did you implement it this way?
Since I will implement some batch operation I should avoid this step.
More tips and help will be appreciated.
thanks!
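
The PLAINTEXT signature that the posts above ask about ("Did you sign your request correctly with the key?") and that `/oauth/test_request` echoes back, as an added example that is not part of the original thread: it builds the header per RFC 5849 and masks the secret-bearing fields before a request is logged or shared. The key, secret and token values passed to it are meant to be constructed test values, and the function names are hypothetical.

```python
# Added example: OAuth 1.0a PLAINTEXT signing per RFC 5849 (not code from the thread).
import secrets
import time
from urllib.parse import quote, unquote

SENSITIVE = {"oauth_signature", "oauth_token", "oauth_verifier"}


def pct(value):
    """RFC 5849 percent-encoding: only unreserved characters stay literal."""
    return quote(value, safe="-._~")


def plaintext_signature(consumer_secret, token_secret=""):
    """Encoded consumer secret, '&', encoded token secret. The '&' is always
    present, even before a token secret exists (request-token step)."""
    return f"{pct(consumer_secret)}&{pct(token_secret)}"


def authorization_header(consumer_key, consumer_secret, token="", token_secret=""):
    """Build the Authorization header for a PLAINTEXT-signed request."""
    params = {
        "oauth_consumer_key": consumer_key,
        "oauth_signature_method": "PLAINTEXT",
        "oauth_signature": plaintext_signature(consumer_secret, token_secret),
        "oauth_timestamp": str(int(time.time())),
        "oauth_nonce": secrets.token_hex(8),
        "oauth_version": "1.0",
    }
    if token:
        params["oauth_token"] = token
    # Header values are percent-encoded again, so the '&' travels as %26.
    return "OAuth " + ", ".join(f'{k}="{pct(v)}"' for k, v in sorted(params.items()))


def parse_header(header):
    """Decode an OAuth Authorization header back into its parameters."""
    items = header[len("OAuth "):].split(",")
    pairs = (item.strip().split("=", 1) for item in items)
    return {unquote(k): unquote(v.strip('"')) for k, v in pairs}


def redact(header):
    """Mask secret-bearing fields before a request is logged or posted."""
    shown = {k: "[redacted]" if k in SENSITIVE else pct(v)
             for k, v in parse_header(header).items()}
    return "OAuth " + ", ".join(f'{k}="{v}"' for k, v in sorted(shown.items()))
```

Because PLAINTEXT sends the consumer secret and token secret verbatim in every request, such requests belong on HTTPS only.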