Authentication Extensions

Authentication extensions are part of the authentication profiles feature. Use an authentication extension when you need authentication that is neither basic auth nor a static header. The extension is a script that provides the value for a predefined header.

To get started, create an extension of the type “authheader”, and then a corresponding authentication profile of the type “Header Extension” in the authentication profiles user interface.

Extension format

This example assumes you have already created an authentication profile of the type “Basic” via the authentication profiles user interface. The authentication extension uses that profile to request and return an OAuth2 token.

The fetch method accepts an authProviderId, which is a reference to an authentication profile created in the authentication profiles user interface. In the example below we are requesting an OAuth token from our own public API. Your extension is expected to return a “header”, and optionally a “timeout”. If the extension is uploaded via API, it should include the type “authheader”. See the example implementation below.

function generate() {
  // Request a token; the credentials come from the referenced authentication profile.
  var resp = http.fetch("https://api-eu1.agillic.net/oauth2/token", {
    method: "post",
    authProviderId: "2c91808a94d4gsdc0194f4b51ef20000",
    body: {
      grant_type: "client_credentials",
    },
    timeout: 2000,
  });

  if (resp.statusCode != 200) {
    logger.error(
      "Got error code " +
        resp.statusCode +
        " back when requesting token. Response body: " +
        resp.body
    );
    return null;
  } else {
    var oauthResponse = JSON.parse(resp.body);
    var token = oauthResponse["access_token"];

    if (token) {
      var expiry = oauthResponse["expires_in"];

      // "header" is the value placed in the predefined header.
      var res = {};
      res["header"] = "Bearer " + token;

      if (expiry) {
        // Coerce the expiry to an integer before returning it as the timeout.
        res["timeout"] = expiry | 0;
      } else {
        // This response holds a valid access token, so its body is not logged.
        logger.warn("Did not get a timeout from the token response");
      }

      return res;
    } else {
      logger.error("The returned data did not contain a token " + resp.body);
      return null;
    }
  }
}
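
A stricter version of the response handling above, as an added example that is not Agillic's own code: `buildAuthHeader` and `describeBody` are hypothetical helper names, and the timeout is assumed to use the same unit as `expires_in`, as in the page's example. It rejects non-JSON bodies and tokens with characters that are invalid in a header, and describes a response for logging by key names only.

```javascript
// Added example: pure helpers that need no Agillic runtime objects to run.
// Assumption: "timeout" uses the same unit as "expires_in".

// Describe a response body for logging without echoing token values.
function describeBody(body) {
  try {
    var parsed = JSON.parse(body);
    if (parsed === null || typeof parsed !== "object") return "non-object JSON";
    return "JSON with keys: " + Object.keys(parsed).join(",");
  } catch (e) {
    return "unparseable body, length " + String(body).length;
  }
}

// Turn a token endpoint response into the { header, timeout } result,
// or null when the response cannot be trusted.
function buildAuthHeader(statusCode, body) {
  if (statusCode !== 200) return null;
  var parsed;
  try {
    parsed = JSON.parse(body);
  } catch (e) {
    return null; // an HTML error page or truncated body must not throw
  }
  if (parsed === null || typeof parsed !== "object") return null;

  var token = parsed["access_token"];
  // Visible ASCII only: rejects empty values, spaces and CR/LF that would
  // corrupt or split the outgoing header.
  if (typeof token !== "string" || !/^[\x21-\x7e]+$/.test(token)) return null;

  var res = { header: "Bearer " + token };
  var expiry = Number(parsed["expires_in"]);
  if (isFinite(expiry) && expiry >= 1) {
    res["timeout"] = Math.floor(expiry); // omit timeout when expiry is unusable
  }
  return res;
}
```

Inside `generate()`, the result of `buildAuthHeader(resp.statusCode, resp.body)` can be returned directly, with `describeBody(resp.body)` used in the log messages in place of the raw body.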