Question regarding the server side process

Byron_Branfield

Hi Claude

Ok :-), so I have managed to find a work around solution to use our existing object script trigger (it is effectively a server side trigger that we can fire client side). Now the advantages for us is that we are staying within our applications and can use JavaScript to do what we need. It would have to work slightly differently and I was wondering if you could tell me if it is suitable and how to get the provider_connection_token to store.

So we will not have a redirect url to redirect to, from what I can see from all the code egs all we need from the redirect is the connection_token (from the url). That token is used serverside to then request the JSON and store userids, data etc against user accounts? rbv_api.sendJSONRequest used in my code is a built in function to make JSON calls.

fyi - even though it is javascript it is being wrapped and run serverside, I am able to return the json request fine when manually using connection tokens.

So I was able to write the following:
var token = "find token from somewhere"; //var token = rbv_api.getHTTPParameter("connection_token"); var siteDomain = 'https://XXXXX.api.oneall.com'; var publicKey = 'XXXXXXXXXXXX'; var privateKey = 'XXXXXXXXXXXXX'; var siteAuth = publicKey + ":" + privateKey; var encodedSiteAuth = "XXXXXXXXXXXX"; //rbv_api.println(encodedSiteAuth); var url = siteDomain + "/connections/" + token + ".json"; //var url = siteDomain + "/connections/a51cd9c5-df0c-467d-a5fc-deccfb883d38.json"; var data = null; var method = "GET"; var contentType = "application/json; charset=UTF-8"; var header = { "Authorization" : "Basic " + encodedSiteAuth }; var request = rbv_api.sendJSONRequest(url, null, method, contentType, null, null, header); //rbv_api.println(request); var dj = JSON.parse(request); //Extract data var data = dj.response.result.data; var userId; var userToken; var identityToken; //Check for plugin if (data.plugin.key === 'social_login'){ //Operation successful if (data.plugin.data.status === 'success'){ //The user_token uniquely identifies the user //that has connected with his social network account userToken = data.user.user_token; //The identity_token uniquely identifies the social network account //that the user has used to connect with identityToken = data.user.identity.identity_token; // 1) Check if you have a userID for this token in your database //userId = GetUserIdForUserToken(userToken); // 1a) If the userID is empty then this is the first time that this user // has connected with a social network account on your website if (userId === null){ // 1a1) Create a new user account and store it in your database // Optionally display a form to collect more data about the user. //userId = {The ID of the user that you have created} // 1a2) Attach the user_token to the userID of the created account. //LinkUserTokenToUserId (userToken, userId); } // 1b) If you DO have an userID for the user_token then this user has // already connected before else{ // 1b1) The account already exists } // 2) You have either created a new user or read the details of an existing // user from your database. In both cases you should now have a $user_id // 2a) Create a Single Sign On session // $sso_session_token = GenerateSSOSessionToken ($user_token, $identity_token); // If you would like to use Single Sign on then you should now call our API // to generate a new SSO Session: http://docs.oneall.com/api/resources/sso/ // 2b) Login this user // You now need to login this user, exactly like you would login a user // after a traditional (username/password) login (i.e. set cookies, setup // the session) and forward him to another page (i.e. his account dashboard) } } else if (data.plugin.key === 'social_link'){ //Operation successfull if (data.plugin.data.status === 'success'){ //Identity linked if (data.plugin.data.action === 'link_identity'){ //The identity has been linked to the user userToken = data.user.user_token; identityToken = data.user.identity.identity_token; //Next Step: // 1] Get _your_ userid from _your_ SESSION DATA // 2] Check if the userid is linked to this user_token: GetUserIdForUserToken(user_token) // 2.1] If not linked, tie the to this userid : LinkUserTokenToUserId(user_token, user_id) // 3] Redirect the user to the account linking page } //Identity Unlinked else if (data.plugin.data.action === 'unlink_identity'){ //The identity has been unlinked from the user userToken = data.user.user_token; identityToken = data.user.identity.identity_token; //Next Step: // 1] At your convenience // 2] Redirect the user to the account linking page } } }


Then I have the following client side:

var user_token = ''; var _oneall = _oneall || []; _oneall.push(['social_link', 'set_providers', ['facebook', 'google', 'linkedin', 'twitter']]); _oneall.push(['social_link', 'set_callback_uri', window.location.href]); _oneall.push(['social_link', 'set_user_token', user_token]); _oneall.push(['social_link', 'do_render_ui', 'oa_social_login_container']);

One way I thought about receiving the connection token server side is to save the connection token to the database right before calling the above code trigger and then retrieving the connection token value to populate my token variable?? No redirect url but essentially doing the same thing am I right?

Now after authenticating a social site I get redirected to the following:
https://XXXX.api.oneall.com/socialize/redirect.html?provider_connection_token=c7a36c03-0ca7-4574-a4c1-4b19d62c1a17

How can I get that connection token client side to save it to the database to use in my server side trigger? Is there a better way of doing this given my restrictions lol

Unfortunately I have to work around a lot to get this to work. Is this a viable solution?

Claude_Schlesser

Hi Byron,

have you already seen the events?
http://docs.oneall.com/api/javascript/library/events/#on_login_end_success

You do do something like this:

- Catch the connection_token by using an event
- Use an Ajax call to pass the connection_token to your script
- Your script extracts the data

Would that suit your needs?