Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

Get OAuth2 access token via Javascript

Go to solution
WayneSG
Participant

on ‎2024 Jan 09 10:04 AM

0 Likes
3,934

I am using below code to fetch the token from Event Mesh server, it succeeded with no error.

However, this token is incorrect, the length is only 1601, and the correct token length shall be 1869.

This causes the next code block of publishing an event to SAP event mesh failed with unauthorized error message.

Did anyone succeed to get a correct token before? Please help, thanks.

const fetch = require('node-fetch');

async function getEMAccessToken() {
    const EMTokenURL = 'your-token-url';
    const EMClientID = 'your-client-id';
    const EMClientSecret = 'your-client-secret';

    const credentials = Buffer.from(`${EMClientID}:${EMClientSecret}`).toString('base64');

    const response = await fetch(EMTokenURL, {
        method: 'POST',
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded',
            'Authorization': `Basic ${credentials}`
        },
        body: 'grant_type=client_credentials'
    });

    if (!response.ok) {
        throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json();
    return data.access_token;
}

Know the answer?

Help others by sharing your knowledge.

Answer

Need more details?

Request clarification before answering.

Show replies
Show replies
Dinu
Active Contributor
‎2024 Jan 09 12:14 PM
0 Likes

Why do you say that the token has to be of length 1869?

gregorw
SAP Mentor
SAP Mentor
‎2024 Jan 09 12:58 PM
0 Likes

If you're using CAP why to you want to establish the connection manually. Have you followed the documentation:

https://cap.cloud.sap/docs/guides/messaging/#sap-event-mesh

?

WayneSG
Participant
‎2024 Jan 09 1:02 PM
0 Likes

Hi Dinu,

Thanks for your question, While I am testing the code above, I am able to get the access token, however, in next step to publish an event to SAP Event Mesh, I always got "Unauthorized" error.

After almost several hours struggling, I finally decide to write .NET desktop application to verify the logic, and it works. Then I use the access token I have retrieved in .NET application and paste it to my Javascript code block for publishing event, it also works fine.

So I just do a comparison between the access token from Javascript code and .NET Application, then I find the length is different. Actually the first 185 characters of the access token are same.

WayneSG
Participant
‎2024 Jan 09 9:19 PM
0 Likes

Hi Gregor, thanks for your comment, the manual connection is for a special use case.

And I also try to follow the cap document on event mesh, but I encounter some issue on deploying the project onto Cloud Foundry, once I settle the deployment issue, I will try that again.

gregorw
SAP Mentor
SAP Mentor
‎2024 Jan 09 9:24 PM
0 Likes

Hi Jin,

please use comments when the part you're posing isn't a solution to the problem.

Maybe you describe us this "special use case" and we can help to find alternative solution options.

Best Regards
Gregor

Dinu
Active Contributor
‎2024 Jan 10 7:20 AM

Try decoding the tokens perhaps using JSON Web Tokens - jwt.io and check what is different between the payloads of the tokens.

Warning: Tokens are credentials. You should be aware of the risks in sharing these with external sites.

View Entire Topic
martinstenzig
Contributor
‎2024 Jan 09 6:50 PM
0 Likes

Don't know if it makes a difference, but I usually attach then credentials to the body, not the header... 

 // specify form parameters
      const formParams = new URLSearchParams()
      formParams.append('grant_type', 'client_credentials')
      formParams.append('client_id', '[clientIdValue]')
      formParams.append('client_secret', '[client secret value]')

      // Assemble the post options
      const postOptions = {
        method: 'POST',
        headers: {
          'Content-type': 'application/x-www-form-urlencoded'
        },
        body: formParams
      }

      // console.log('Post options: ', tokenUrl, post_options);
      fetch(tokenUrl, postOptions)
        .then(res => res.json())
...
Show replies
Show replies
WayneSG
Participant
‎2024 Jan 09 9:11 PM
0 Likes

Hi Martin,

Thanks for your suggestion, I follow your example, below is my revised codes. However, after testing, the result is same, it will retrieve an incorrect access token string of 1601 length.

Note: Below codes block is for reference, it does not solve the token issue.

async function getEMAccessToken() {

const EMTokenURL = tokenUrl;

const EMClientID = clientId;

const EMClientSecret = clientSecret;

// specify form parameters

const formParams = new URLSearchParams();

formParams.append('grant_type', 'client_credentials');

formParams.append('client_id', EMClientID);

formParams.append('client_secret', EMClientSecret);

// Assemble the post options

const postOptions = {

method: 'POST',

headers: {

'Content-type': 'application/x-www-form-urlencoded'

},

body: formParams

};

const response = await fetch(EMTokenURL, postOptions);

if (!response.ok) {

throw new Error(`HTTP error! status: ${response.status}`);

}

const data = await response.json();

return data.access_token;

}

Ask a Question