topic Re: Using OAuth2 to retrieve a valid API access token in Application Development and Automation Discussions

Using OAuth2 to retrieve a valid API access token

Former Member — Wed, 18 Dec 2019 07:33:45 GMT

Hello Experts,

We have an existing report which sends our data to external through Restful request. In which the static API-key for API authentication is used. Now we have to replace this Authentication process with OAuth2 client credential flow.

Please assist me the class/method used or any sample code for obtaining and handling the access tokens. I have gone through the SAP documents but not clear about the class/methods to be used. Also kindly let me know if any configurations required to be done. If any, then how to check if the configuration already exists in the system or not.

Thanks and Regards,

Arunagiri.

Re: Using OAuth2 to retrieve a valid API access token

Tomas_Buryanek — Wed, 18 Dec 2019 09:05:54 GMT

I had same problem and ended up doing it manually (developed it myself). I could not make the "OAuth 2.0 Client for AS ABAP" work. By the way I think there is some OAuth 2.0 support in SAP PI if you have it you can try it.

Manual (program) steps like this:

First HTTP call to retreive OAuth 2.0 token (save token + its valid period). In future token calls I am checking if it is still valid and either use valid one or do HTTP call to get a new one.
Second HTTP call is your REST request, where you put token in the HTTP header field. Similar like your static API-key.

EDIT: you might need more calls then just one "get token", depending on how is the third party implementing the OAuth flow.

Re: Using OAuth2 to retrieve a valid API access token

Former Member — Wed, 18 Dec 2019 09:32:44 GMT

Hi Tomas,

Could you please elaborate the manual step which you have used in your scenario?

In the First HTTP call - Which class/method is used to retrieve the OAuth2 token? as we need to pass the client_id, client_secret and grant_type to fetch the token.

Thanks and Regards,

Arunagiri.

Re: Using OAuth2 to retrieve a valid API access token

Tomas_Buryanek — Wed, 18 Dec 2019 09:46:19 GMT

Hello,
which class/method are you using for your current rest request? I used cl_http_client class.
Passing grant_type + authorization example:

lo_http->request->set_form_field(
   EXPORTING name  = 'grant_type'
             value = 'xyz' ). "your grant_type

lo_http->request->set_header_field(
   EXPORTING name  = 'Authorization'
             value = 'xyz' ). "your authorization (probably "Basic" + Base64 client id+secret value)

Re: Using OAuth2 to retrieve a valid API access token

Former Member — Wed, 18 Dec 2019 10:29:00 GMT

Hi Tomas,

We are using the same Cl_http_client.

I will refer your code but where do we receive the OAuth2 Token after we set the credentials/grant type using the lo_http->request->set_form_field().

So as per your logic:

First HTTP Call:

http_client->request->set_form_fields( fields = lt_credential multivalue = lv_value ).

lt_credential will have the client_id and grant_type.

Second HTTP call:

we have to pass the access token in the below method?

http_client->request->set_header_field( name = 'Authorization' value = Access-token ).

Please make me clear.

Thanks and Regards,

Arunagiri.

Re: Using OAuth2 to retrieve a valid API access token

Tomas_Buryanek — Wed, 18 Dec 2019 10:52:43 GMT

No you got it wrong. set_form_fields or set_header_field is not HTTP call.

I suggest you to study a little bit about basics of HTTP communication (request method, header fields, form fields, request body, response body, response header fields...) - when you will understand these things, then you will be ready to work with cl_http_client which is straightforward about this.

Also it is good to first try any kind of HTTP requests in POSTman or some similar HTTP client. And then when you make it work you can replicate it in ABAP.

Re: Using OAuth2 to retrieve a valid API access token

Sandra_Rossi — Wed, 18 Dec 2019 12:29:47 GMT

Please use the COMMENT button for comments, questions, adding details, etc., ANSWER is only to propose a solution, dixit SAP text at the right of the answer area. At the same time, the person will be informed of your comment (currently not).

Re: Using OAuth2 to retrieve a valid API access token

Former Member — Mon, 13 Jul 2020 09:46:08 GMT

Hi arunagiri.a

Is your issue solved?

Re: Using OAuth2 to retrieve a valid API access token

maheshboby63 — Wed, 20 Jan 2021 07:27:11 GMT

Hi arunagiri.a,

I am trying to generate a access token to upload data to the cloud. Can you please help me by providing the steps to generate the oauth token using abap code.

thanks in advance

Re: Using OAuth2 to retrieve a valid API access token

former_member322405 — Tue, 26 Jan 2021 02:07:10 GMT

Hi, I tried to use set_form_field and I also added the certifications to strust, but I am getting error code 407, SSL handshake with authentication xxxxxxxxx SSSLERR_NO_SSL_RESPONSE (-75)#Server did not respond with SSL/TLS protocol. I tested same call in postman and it did work. Please let me know if you have any recommendations on areas I should look next.

Regards, Marta

Re: Using OAuth2 to retrieve a valid API access token

Tomas_Buryanek — Tue, 26 Jan 2021 14:59:30 GMT

marta.miyazaki2 are you 100% sure that you have used correct SSL certificate?
(be careful if your company/VPN is using any king of proxy or something, which can alter the SSL)
Also check where exactly did you placed the certificate in the STRUST. There are multiple clients (folders) and maybe you use different client in your HTTP call.

Re: Using OAuth2 to retrieve a valid API access token

former_member322405 — Sun, 31 Jan 2021 15:26:38 GMT

Hi Tomas,

Yes, I downloaded the certification from all levels and loaded into STRUST SSL_server_standard. I also tried as Anonymous, by passing ssl_id = 'ANONYM' after loading in strust SSL client SSL Client (Anonymous) and I got same error. I am reading now around OAUTH to see if that works, but so far no luck