Tcl
Tcl
RSAP Union API - Get OAuth2 Access Token
See more _Miscellaneous_ Examples
Demonstrates how to get an OAuth2 access token for the RSAP Union API. Note: This uses the client credentials flow, which does NOT require an interactive engagement using a browser.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
set http [new_CkHttp]
# The following JSON is sent in the request body.
# {
# "grant_type": "client_credentials",
# "client_id": 1234,
# "client_secret": "23456abcde"
# }
set json [new_CkJsonObject]
CkJsonObject_UpdateString $json "grant_type" "client_credentials"
CkJsonObject_UpdateInt $json "client_id" 1234
CkJsonObject_UpdateString $json "client_secret" "23456abcde"
CkHttp_SetRequestHeader $http "Content-type" "application/json"
# Add the client certificate TLS authentication.
set cert [new_CkCert]
set success [CkCert_LoadFromFile $cert "qa_data/certs_and_keys/union_client_certificate.crt"]
if {$success == 0} then {
puts [CkCert_lastErrorText $cert]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
exit
}
set privKey [new_CkPrivateKey]
set success [CkPrivateKey_LoadAnyFormatFile $privKey "qa_data/certs_and_keys/union_client_certificate.nopass.key" ""]
if {$success == 0} then {
puts [CkPrivateKey_lastErrorText $privKey]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
exit
}
# Associate the private key with the cert.
# This will fail if the private key is not actually the correct one that corresponds to the public key stored within the cert.
set success [CkCert_SetPrivateKey $cert $privKey]
if {$success == 0} then {
puts [CkCert_lastErrorText $cert]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
exit
}
# Tell HTTP to use the cert for client TLS certificate authentication.
set success [CkHttp_SetSslClientCert $http $cert]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
exit
}
set resp [new_CkHttpResponse]
set success [CkHttp_HttpJson $http "POST" "https://api-test.rsap.ca/oauth/token" $json "application/json" $resp]
if {$success == 0} then {
puts [CkHttp_lastErrorText $http]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
delete_CkHttpResponse $resp
exit
}
set sbResponseBody [new_CkStringBuilder]
CkHttpResponse_GetBodySb $resp $sbResponseBody
set jResp [new_CkJsonObject]
CkJsonObject_LoadSb $jResp $sbResponseBody
CkJsonObject_put_EmitCompact $jResp 0
puts "Response Body:"
puts [CkJsonObject_emit $jResp]
set respStatusCode [CkHttpResponse_get_StatusCode $resp]
puts "Response Status Code = $respStatusCode"
if {$respStatusCode >= 400} then {
puts "Response Header:"
puts [CkHttpResponse_header $resp]
puts "Failed."
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
delete_CkHttpResponse $resp
delete_CkStringBuilder $sbResponseBody
delete_CkJsonObject $jResp
exit
}
# Sample JSON response:
# (Sample code for parsing the JSON response is shown below)
# {
# "token_type": "Bearer",
# "expires_in": 3600,
# "access_token": "eyJ0eXAi...LnE"
# }
# This token expires in 1 hour. Your application could re-use the same token for up to an hour,
# or it can simply get a new access token before each request (if you're not doing too many requests).
set success [CkJsonObject_WriteFile $jResp "qa_data/tokens/rsapToken.json"]
delete_CkHttp $http
delete_CkJsonObject $json
delete_CkCert $cert
delete_CkPrivateKey $privKey
delete_CkHttpResponse $resp
delete_CkStringBuilder $sbResponseBody
delete_CkJsonObject $jResp