
OAuth2 Authorization

In addition to WRAP, Open Xerox supports OAuth2 for authentication. You can read the draft specifications here.

Contents:

Create an OAuth2 Session

Refresh a session with the refresh token

Get a service token to combine several services

 

Create an OAuth2 session

You can create a session and get a token (which you need to pass in your Open Xerox web services requests) from the Open Xerox user credentials by sending an HTTP POST request to this URL:

https://services.open.xerox.com/api/Auth/OAuth2

with parameters:

  • "username", with value: the user login
  • "password", with value: the user password

Please note that the content-type of the request should be: application/x-www-form-urlencoded

If the user and credentials are valid, the response contains a JSON object like this:

{
       "access_token":"THE ACCESS TOKEN",
       "token_type":"SWT",
       "expires_in":1200,
       "refresh_token":"THE REFRESH TOKEN"
}

 You can then use the access token exactly as you would use it with WRAP.

C# Example:

Use the following libraries available on NuGet:

 

C# Sample using Json.Net library to parse JSON result:

using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

// Send the credentials as an application/x-www-form-urlencoded POST body.
HttpClient client = new HttpClient();
FormUrlEncodedContent form = new FormUrlEncodedContent(new Dictionary<string, string> { { "username", "username" }, { "password", "password" } });

Task<HttpResponseMessage> message = client.PostAsync("https://services.open.xerox.com/api/Auth/OAuth2", form);
String result = message.Result.Content.ReadAsStringAsync().Result;

// Parse the JSON response and extract both tokens.
JObject obj = JObject.Parse(result);
string token = (string)obj["access_token"];
string refreshToken = (string)obj["refresh_token"];

 

Refresh a session with the Refresh Token

By default, a session lifetime on Open Xerox is 20 minutes. If your session has expired, it is possible to create a new one using the refresh token given during the initial session creation (see above).

You can create a new session by sending an HTTP POST request to this URL:

https://services.open.xerox.com/api/Auth/OAuth2

with parameters:

  • "refresh_token", with value:  the refresh token
  • "grant_type", with value: "refresh_token"

If the refresh token is valid, the response contains a JSON object like the one returned by the previous method.

C# Example:

C# Sample using Json.Net library to parse JSON result:

// Exchange the refresh token for a new session (grant_type=refresh_token).
HttpClient client = new HttpClient();
FormUrlEncodedContent form = new FormUrlEncodedContent(new Dictionary<string, string> { { "refresh_token", "THE REFRESH TOKEN" }, { "grant_type", "refresh_token" } });

Task<HttpResponseMessage> message = client.PostAsync("https://services.open.xerox.com/api/Auth/OAuth2", form);
String result = message.Result.Content.ReadAsStringAsync().Result;
JObject obj = JObject.Parse(result);

// The response carries a new access token and a new refresh token.
string token = (string)obj["access_token"];
string refreshToken = (string)obj["refresh_token"];
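
A client that runs longer than the 20-minute session lifetime has to track expiry itself, and can do so without keeping the password in memory after the first login. The class below is an added example, not Open Xerox code: OpenXeroxSession, its method names and the 60-second renewal margin are assumptions, and it uses only the two requests described above.

```csharp
using System;
using System.Collections.Generic;
using System.Net.Http;
using System.Threading.Tasks;
using Newtonsoft.Json.Linq;

// Hypothetical helper (not Open Xerox code): caches the session and renews it before it expires.
public sealed class OpenXeroxSession
{
    private const string TokenUrl = "https://services.open.xerox.com/api/Auth/OAuth2";
    private static readonly TimeSpan Margin = TimeSpan.FromSeconds(60); // assumed safety margin
    private readonly Func<Dictionary<string, string>, Task<string>> _post;
    private string _accessToken, _refreshToken;
    private DateTime _expiresAtUtc;

    // "post" can be replaced by a stub returning canned JSON for offline testing.
    public OpenXeroxSession(HttpClient client, Func<Dictionary<string, string>, Task<string>> post = null)
    {
        _post = post ?? (async form =>
        {
            HttpResponseMessage resp = await client.PostAsync(TokenUrl, new FormUrlEncodedContent(form));
            resp.EnsureSuccessStatusCode(); // reject 4xx/5xx instead of parsing an error body
            return await resp.Content.ReadAsStringAsync();
        });
    }

    // The password is used for this one request only and is never stored.
    public Task LoginAsync(string username, string password) =>
        StoreAsync(new Dictionary<string, string> { { "username", username }, { "password", password } });

    public async Task<string> GetAccessTokenAsync()
    {
        if (_refreshToken == null) throw new InvalidOperationException("Call LoginAsync first.");
        if (DateTime.UtcNow + Margin >= _expiresAtUtc) // expired or about to expire
            await StoreAsync(new Dictionary<string, string> { { "refresh_token", _refreshToken }, { "grant_type", "refresh_token" } });
        return _accessToken;
    }

    private async Task StoreAsync(Dictionary<string, string> form)
    {
        JObject obj = JObject.Parse(await _post(form));
        string access = (string)obj["access_token"];
        int? ttl = (int?)obj["expires_in"];
        if (string.IsNullOrEmpty(access) || ttl == null) // never cache a partial response
            throw new InvalidOperationException("Token response lacks access_token or expires_in.");
        _accessToken = access;
        _refreshToken = (string)obj["refresh_token"] ?? _refreshToken;
        _expiresAtUtc = DateTime.UtcNow.AddSeconds(ttl.Value);
    }
}
```

The class is not thread-safe; callers sharing one instance should serialize calls to GetAccessTokenAsync.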

 

Get a service token to combine several services

If you want to combine two or more Open Xerox services, you need to make sure that the calling service is authorized to consume the second service.

As described in this page, there are several ways to grant permissions to a service. Here, we describe how to retrieve a service token in order to authenticate the calling service.

In order to retrieve a service token, one simply needs to POST to this URL:

https://services.open.xerox.com/api/Auth/OAuth2

with parameters:

  • "grant_type", with value: "client_credentials"
  • "client_id", with value: the service ID
  • "client_secret", with value: the service secret key

 If the parameters are valid, the response contains a JSON object similar to the previous ones, with an access token and a refresh token.

C# Example:

C# Sample using Json.Net library to parse JSON result:

// Authenticate the calling service with its ID and secret key (grant_type=client_credentials).
HttpClient client = new HttpClient();
FormUrlEncodedContent form = new FormUrlEncodedContent(new Dictionary<string, string> { { "client_id", "MY SERVICE ID" }, { "client_secret", "MY SERVICE SECRET KEY" }, { "grant_type", "client_credentials" } });

Task<HttpResponseMessage> message = client.PostAsync("https://services.open.xerox.com/api/Auth/OAuth2", form);
String result = message.Result.Content.ReadAsStringAsync().Result;
JObject obj = JObject.Parse(result);

// Extract the service access token and its refresh token.
string servicetoken = (string)obj["access_token"];
string servicerefreshToken = (string)obj["refresh_token"];