Here is my problem: I would like to create an application with IBM Worklight which will call via an adapter a service that requires OAuth (ie: Twitter).
Anyone have some thought for the best method to implement this using IBM Worklight?
For example, use one method to get the token, store the token in the session and then other methods to interact with the service?
Is there some out of the box functionality in IBM Worklight to handle the token acceptance in such case (ie: automatically open a browser to provide the authorization)?
Many thanks
Dominique
You can use the cordova inappbrowser plugin to get the access token and pass the token to the Worklight adapters. I am working on a devworks article now with an example so I will update this response with a link once it's live.
Here's the link to the article that might be helpful to you: http://www.ibm.com/developerworks/library/mo-worklight-linkedin/index.html
Related
Supposed that customer only provides me the URL end point of their existing API. They don't have swagger file for us to import the APIs.
Customer wants to use API Connect to publish their API to users to use.
I did that successfully with API Management. Now API Management is deprecated by API Connect, but that feature is still in API Connect. I failed to make it work with API Connect. How can we use API Connect to publish the existing REST API of customer not using swagger? Please shed the light. I'm greatly appreciated with your help.
Regards,
Quyen Tran
To publish an API into an IBM API Connect catalog, and to have access to that API managed by the API Gateway, you will need a Swagger (OpenAPI) document.
If you don't have a Swagger document, you will need to author one e.g. using the API Designer or API Manager tooling. You will need to know the URL of the existing endpoint but also the schema of any data that needs to be sent to or received from that URL.
If you made it work with IBM API Management then it should be no different with IBM API Connect.
I have followed all the steps mentioned in the following link to implement oAuth authentication for connecting to VSO:
https://www.visualstudio.com/en-us/integrate/get-started/auth/oauth
It involves creating a azure web site and the token in returned to it which is used for further processing.
My requirement is to create a service which will connect to VSO using oAuth authentication and fetch/create the work items.
I want to know how to configure the call back url in case of using a service.
Firstly, please take note that: Right now, it is only supported to register web application, it is impossible to register a WCF service project.
If you would like to register a web application and would like to get the call back URL, please check my reply in this link for the detailed steps: callbackurl while connecting to vso using oAuth
We are working with MobileFirst 7.0 version. We want to achieve authentication using adapter based authetication process. Earlier we used HTTP Adapter and it worked. But we changed it to Java Adapter and want to acheive authentcation with Java Adapter Based authetication.
My questions are :
Is it possible?
If yes, how can we move forward?
If not, what is the alternative of doing authentication usig Java Adapter?
There is some documentation covering your question.
Here are links to get you started:
Authentication concepts in MFP 7.0: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/authentication-security/authentication-concepts/
Adapters overview: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/server-side-development/adapter-framework-overview/
Java adapters: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/server-side-development/java-adapter/
Adapter-based authentication: https://developer.ibm.com/mobilefirstplatform/documentation/getting-started-7-0/authentication-security/adapter-based-authentication/
You need to use a JavaScript adapter.
Read the documentation.
Use OAuth.
I found this blog entry, and in particular the second video answered many questions.
OAuth Blog
In all cases I have ever seen we set up a Worklight security Realm and use adapter-based authentication to authenticate to that Realm. Our OAuth-protected resources then reference that realm.
In principle we could define realms that do not depend upon a JavaScript adapter for authentication, the MFP Security model is open to extension. In practice this is probably more work than you want to do. I find that the JavaScript model is itself quite extensible, as it can call down to Java code when something complex is needed.
Can I consume a web service in a MobileFirst application without a MobileFirst server?
Yes, you can use your MobileFirst app without the need to connect to a MobileFirst server.
The drawback of not using the MobileFirst server is that you'll be loosing all of the features it provides like authentication, security, adapters, unified push notifications, direct update (for hybrid), remote disable, and other features.
If you want to make a request to any endpoint you can use WLResourceRequest (available from version 7.0 onwards) or any other native method to make HTTP requests.
Information on how to use WLResourceRequest
Android:
https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refjava-worklight-android-native/html/com/worklight/wlclient/api/WLResourceRequest.html
Hybrid:
https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refjavascript-client/html/WLResourceRequest.html?cp=SSHS8R_7.0.0%2F9-0-0-1-31
iOS: https://www-01.ibm.com/support/knowledgecenter/SSHS8R_7.0.0/com.ibm.worklight.apiref.doc/html/refobjc-worklight-ios/html/interface_w_l_resource_request.html%23a004749b662c6f4a55a3b76e47f7e6062?lang=en
If the call is for example to an external resource you can use the same plain regular AJAX calls as you would anywhere else.
If the resource is protected by MobileFirst Platform, then you must use adapters. Adapters must go through the MobileFirst Server.
Use it like simple IDE to develop application(Native and hybrid).You can use client side API also that do not connect to the mobilefirst server.
You cannot use a mobile first app if you are using MF 7.0 or higher without a server, as soon as you launch the app it invokes an authorization request something like following:
<< domain >>/<< context >>/authorization/v1/clients/instance
Which connects to your workflight server and if it doesnt get response it will fail.
As far as invoking a web service is concerned that is just javascript if you are doing hybrid you can use AJAX as mentioned in another answer. If you are building native IOS or Android you can invoke http request using sdk libraries.
Cheers !
I am building an iOS and Android Apps using Worklight Framework, the worklight server will be protected by IBM Security Access Manager (ISAM) SSO, and therefore the Apps can only be reaching the worklight server after passing the Security challenges. I've found some docs about this integration and it works as intended.
But the apps also offers some features that doesn't required login, in which the Security Manager shouldn't intercept the adapter request to worklight server. The only workaround that suggested by IBM is to create a URL mapping junction in ISAM that defines the URLs that can access by public, and those which shall not. for example /worklight/public and /worklight/secured
But the URL pattern for all worklight adapter are /worklight/invoke?adapter=ADAPTER_NAME, so do we have a way to create a customized URL for public and secured adapter, for example:
/worklight/public/invoke
/worklight/secued/invoke
EDIT 1: Worklight Version 6.0
Thanks in advance.
Please mention the version of Worklight you are using.
One way to achieve this is to create and deploy the adapters in two different projects. That way the context root of both the adapters will be different. So, you'll have URLs such as
/Project1/invoke?... and Project2/invoke?... which you can apply to your filters.