Callback Handler - Implementation question

Hi guys, I am getting a bit lost here in all this. Our environment is as follows:

Windows Server with Apache 2.4, now based on the implementation guide it uses php for the callback handler and we dont have php installed. Our product is a custom java web based application. What is the best way to implement the call back handler?

Is there a way to handle it purely with JavaScript (kind of how the php eg handles it)?

I am a bit lost on the call back handler side of things. There seems to be only two options to write the callback handler and thats via PHP sdk or the .net SDK? In the implementation guide it says... You can also find examples for callback handler scripts in our SDKs. I cant seem the find the egs to be honest.

If I can get a solution for this we will definitely be upgrading I just need to prove the solution.

Any help on this would be greatly appreciated

Best Answer

  • Claude_SchlesserClaude_SchlesserAdministratorOneAll Team
    edited April 2015 Answer ✓
    Hi Byron,

    the callback script can be written in any programming language. It's basically a script that makes an authenticated HTTP request to our API and then parses some JSON code.

    In your case the easiest solution would be to implement it in Java, here is a language independent guide:



  • edited April 2015
    Hi Claude

    Ok :-), so I have managed to find a work around solution to use our existing object script trigger (it is effectively a server side trigger that we can fire client side). Now the advantages for us is that we are staying within our applications and can use JavaScript to do what we need. It would have to work slightly differently and I was wondering if you could tell me if it is suitable and how to get the provider_connection_token to store.

    So we will not have a redirect url to redirect to, from what I can see from all the code egs all we need from the redirect is the connection_token (from the url). That token is used serverside to then request the JSON and store userids, data etc against user accounts? rbv_api.sendJSONRequest used in my code is a built in function to make JSON calls.

    fyi - even thought it is javascript it is being wrapped and run serverside, I am able to return the json request fine when manually using connection tokens.

    So I was able to write the following:
    var token = "find token from somewhere";
    //var token = rbv_api.getHTTPParameter("connection_token");

    var siteDomain = '';
    var publicKey = 'XXXXXXXXXXXX';
    var privateKey = 'XXXXXXXXXXXXX';

    var siteAuth = publicKey + ":" + privateKey;
    var encodedSiteAuth = "XXXXXXXXXXXX";


    var url = siteDomain + "/connections/" + token + ".json";
    //var url = siteDomain + "/connections/a51cd9c5-df0c-467d-a5fc-deccfb883d38.json";
    var data = null;
    var method = "GET";
    var contentType = "application/json; charset=UTF-8";
    var header = { "Authorization" : "Basic " + encodedSiteAuth };

    var request = rbv_api.sendJSONRequest(url, null, method, contentType, null, null, header);


    var dj = JSON.parse(request);

    //Extract data
    var data =;

    var userId;
    var userToken;
    var identityToken;

    //Check for plugin
    if (data.plugin.key === 'social_login'){
    //Operation successful
    if ( === 'success'){
    //The user_token uniquely identifies the user
    //that has connected with his social network account
    userToken = data.user.user_token;

    //The identity_token uniquely identifies the social network account
    //that the user has used to connect with
    identityToken = data.user.identity.identity_token;

    // 1) Check if you have a userID for this token in your database
    //userId = GetUserIdForUserToken(userToken);

    // 1a) If the userID is empty then this is the first time that this user
    // has connected with a social network account on your website
    if (userId === null){
    // 1a1) Create a new user account and store it in your database
    // Optionally display a form to collect more data about the user.
    //userId = {The ID of the user that you have created}

    // 1a2) Attach the user_token to the userID of the created account.
    //LinkUserTokenToUserId (userToken, userId);
    // 1b) If you DO have an userID for the user_token then this user has
    // already connected before
    // 1b1) The account already exists

    // 2) You have either created a new user or read the details of an existing
    // user from your database. In both cases you should now have a $user_id

    // 2a) Create a Single Sign On session
    // $sso_session_token = GenerateSSOSessionToken ($user_token, $identity_token);
    // If you would like to use Single Sign on then you should now call our API
    // to generate a new SSO Session:

    // 2b) Login this user
    // You now need to login this user, exactly like you would login a user
    // after a traditional (username/password) login (i.e. set cookies, setup
    // the session) and forward him to another page (i.e. his account dashboard)
    else if (data.plugin.key === 'social_link'){
    //Operation successfull
    if ( === 'success'){
    //Identity linked
    if ( === 'link_identity'){
    //The identity has been linked to the user
    userToken = data.user.user_token;
    identityToken = data.user.identity.identity_token;

    //Next Step:
    // 1] Get _your_ userid from _your_ SESSION DATA
    // 2] Check if the userid is linked to this user_token: GetUserIdForUserToken(user_token)
    // 2.1] If not linked, tie the to this userid : LinkUserTokenToUserId(user_token, user_id)
    // 3] Redirect the user to the account linking page
    //Identity Unlinked
    else if ( === 'unlink_identity'){
    //The identity has been unlinked from the user
    userToken = data.user.user_token;
    identityToken = data.user.identity.identity_token;

    //Next Step:
    // 1] At your convenience
    // 2] Redirect the user to the account linking page

    Then I have the following client side:

    var user_token = '';

    var _oneall = _oneall || [];
    _oneall.push(['social_link', 'set_providers', ['facebook', 'google', 'linkedin', 'twitter']]);
    _oneall.push(['social_link', 'set_callback_uri', window.location.href]);
    _oneall.push(['social_link', 'set_user_token', user_token]);
    _oneall.push(['social_link', 'do_render_ui', 'oa_social_login_container']);


    One way I thought about receiving the connection token server side is to save the connection token to the database right before calling the above code trigger and then retrieving the connection token value to populate my token variable?? No redirect url but essentially doing the same thing am I right?

    Now after authenticating a social site I get redirected to the following:

    How can I get that connection token client side to save it to the database to use in my server side trigger? Is there a better way of doing this given my restrictions lol

    Unfortunately I have to work around a lot to get this to work. Is this a viable solution?


Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

Please click on the link below to connect to the forum with your OneAll account.