• willywu

Hi, we have a fully standalone web site (not force.com) that allows us to register customer portal users and log in, etc., all from within the site using back-end API calls.

We also have a force.com site for our customer portal where users can view cases, etc. I am wondering if there is a way to transfer the login session from the external site to the native force.com site without the user having to log back in to the force.com site.

For example, the user logs in to our external site, then wants to access the customer portal. They click a link on our external site that takes them to our Salesforce customer portal without them having to log back in.

Possible?

Hi,

We implemented OAuth 2.0 using the Web Server Authentication Flow. It was working fine in October/November, but all of a sudden it has stopped working. Whenever we try authorising a new client the server returns (400) Bad Request with the body

{"error":"unsupported_grant_type","error_description":"grant type not supported"}

grant_type is set as authorization_code, which is definitely valid.

Is there any reason why OAuth would suddenly stop working?

This is how we have implemented OAuth:

First, the user is directed to: https://login.salesforce.com/services/oauth2/authorize?response_type=code&client_id=blah.id&redirect_uri=https://domain.com/Web/Salesforce/Callback.aspx&scope=api%20refresh_token

The user is prompted by Salesforce to log in to their account.

Once the user is authenticated, Salesforce calls Callback.aspx. Callback.aspx requests a refresh token on behalf of the client by making a POST request to https://login.salesforce.com/services/oauth2/token with the payload:

grant_type=authorization_code&code=blah.code&client_id=blah.Id&client_secret=11111111&redirect_uri=https://domain.com/Web/Salesforce/Callback.aspx

Content type is definitely: application/x-www-form-urlencoded

Many thanks,

Hi,

We have created a site using Visualforce pages and assigned it to log in to the Customer Portal.

We are able to log in to this site and access all pages, and all testing is done.

Now we are trying to set up SSO between the customer's website and the customer portal.

OpenSSO has already been set up as the identity provider. SAML assertions have been created. The whole setup was done referring to https://login.salesforce.com/help/doc/en/sso_sites.htm.

The SAML 2.0 assertion has ORG ID, Portal ID and Site URL values.

We first call the OpenSSO login URL and authenticate by providing a username/password.

Then, in the same browser session, when we call the URL to redirect to the customer portal, it takes us to the default portal, not the customized site.

What changes should be made to take the user to the customized customer portal Visualforce page?

Thanks in advance.

Anand

Hi, I am trying to get the access token in Java and following the instructions on http://www.salesforce.com/us/developer/docs/chatterapi/index.htm
But I continuously get this error:

{"error":"unsupported_grant_type","error_description":"grant type not supported"}

 

My code is here:

package admin;

import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.DefaultHttpClient;
import org.json.simple.JSONObject;
import org.json.simple.JSONValue;

import com.google.gson.Gson;

public class REST
{
    String authURL = "https://login.salesforce.com/services/oauth2/authorize";
    String tokenURL = "https://na14.salesforce.com/services/oauth2/token";

    public static void main(String[] args) throws ClientProtocolException, IOException
    {
        REST rest = new REST();
    }

    public REST() throws ClientProtocolException, IOException
    {
        HttpClient httpclient = new DefaultHttpClient();
        HttpPost post = new HttpPost(tokenURL);
        post.getParams().setParameter("client_id", "3MVG9rFJvQRVOvk6sl7xMXtrbyQb2XUv2vprLKWv0uxBLKFzNqtHJG6cmzuemPYDB3hPwqXsBlw0BGQPkb81P");
        post.getParams().setParameter("client_secret", "4864720658246552438");
        post.getParams().setParameter("grant_type", "password");
        post.getParams().setParameter("username", "XXXX");
        post.getParams().setParameter("password", "XXXX");
        post.getParams().setParameter("redirect_uri", "https://login.salesforce.com/services/oauth2/success");
        HttpResponse response = httpclient.execute(post);
        JSONObject json = (JSONObject) JSONValue.parse(new InputStreamReader (response.getEntity().getContent()));
        System.out.println(json);
    }
}
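
Both this post and the earlier Callback.aspx post report `unsupported_grant_type`. RFC 6749 puts the token request fields in a form-encoded POST body, and in Apache HttpClient 4.x `getParams().setParameter(...)` sets client configuration rather than form fields, so the Java request above goes out with no body. The Python check below is an added example, not code from any poster or from Salesforce; the finding names and all `constructed-*` and `client.example` values are made up for illustration.

```python
from urllib.parse import parse_qs, urlencode, urlsplit

FORM = "application/x-www-form-urlencoded"
SENSITIVE = {"client_secret", "password", "code", "refresh_token"}
REQUIRED = {  # body fields this check expects per grant (RFC 6749 4.1.3, 4.3.2)
    "authorization_code": {"code", "redirect_uri"},
    "password": {"username", "password"},
}

def build_token_request(token_url, fields):
    """Return (method, url, headers, body) with every field in the form body."""
    return "POST", token_url, {"Content-Type": FORM}, urlencode(fields)

def lint_token_request(method, url, headers, body):
    """List reasons an endpoint would reject, or a log would leak, this request."""
    findings = []
    hdrs = {k.lower(): v for k, v in headers.items()}
    ctype = hdrs.get("content-type", "").split(";")[0].strip().lower()
    query = parse_qs(urlsplit(url).query)
    form = parse_qs(body or "")
    if method.upper() != "POST":
        findings.append("method-not-post")
    if ctype != FORM:
        findings.append("content-type-not-form")
    if "grant_type" not in form:
        findings.append("grant_type-not-in-body")
    else:
        missing = REQUIRED.get(form["grant_type"][0], set()) - set(form)
        findings += [f"missing-{name}" for name in sorted(missing)]
    leaked = sorted(SENSITIVE & set(query))
    if leaked:
        # URLs end up in proxy and server logs; secrets belong in the body
        findings.append("secret-in-url:" + ",".join(leaked))
    return findings

# Constructed inputs; the token endpoint is the one quoted in the posts above.
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"
FIELDS = {"grant_type": "authorization_code", "code": "constructed-code",
          "client_id": "constructed-id", "client_secret": "constructed-secret",
          "redirect_uri": "https://client.example/callback"}

def demo():
    no_body = ("POST", TOKEN_URL, {}, "")  # fields set but never written to the body
    in_query = ("POST", TOKEN_URL + "?" + urlencode(FIELDS), {"Content-Type": FORM}, "")
    return {"no_body": lint_token_request(*no_body),
            "in_query": lint_token_request(*in_query),
            "form_body": lint_token_request(*build_token_request(TOKEN_URL, FIELDS))}
```

Running the same check over a captured request from a proxy or debug log shows quickly whether `grant_type` ever reached the body.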

 

I'm using OAuth in an iPhone application using the standard iOS toolkit. If there is a scheduled maintenance notification presented after login, the view is not optimised for the mobile screen. The user is presented with an almost completely white screen, and must scroll through to dismiss the message.

As far as I can see, there is no method for managing the window size on that notification. Is there a formatting option I'm missing? Any way to suppress maintenance notifications in OAuth on a mobile device? Thanks.

 

Vincent

I am trying the OAuth code. It is working fine with the LinkedIn OAuth API, but when I try with Salesforce it throws an error 'Signature invalid'. I tried with the GET and POST methods but am not able to resolve this. Does anyone have any idea about how to get the request token?

string stroauth_signature_method = "HMAC-SHA1";
string stroauth_version = "1.0";
string outUrl = "";
string querystring = "";
string consumerKey = "3MVG9Y6d_Btp4xp5HE.zoyjqpLRQO7n9twJD9LCyT6DAfnpxkv5EmtHIaxkM5duimUltRtubV8Aa4OexNatwT";
string consumerSecret = "1964943390161656075";
//Uri uri = new Uri(@"https://api.linkedin.com/uas/oauth/requestToken");
Uri uri = new Uri(@"https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler");
Uri uri1 = new Uri(@"https://login.salesforce.com");

OAuthBase oAuth = new OAuthBase();
string nonce = oAuth.GenerateNonce();
string timeStamp = oAuth.GenerateTimeStamp();
string sig = oAuth.GenerateSignature(uri, consumerKey, consumerSecret, string.Empty, string.Empty, "POST", timeStamp, nonce,OAuth.OAuthBase.SignatureTypes.HMACSHA1, out outUrl, out querystring);
sig = HttpUtility.UrlEncode(sig);
StringBuilder sb = new StringBuilder();
sb.AppendFormat("oauth_consumer_key={0}", consumerKey);
sb.AppendFormat("&oauth_nonce={0}", nonce);
sb.AppendFormat("&oauth_signature_method={0}", stroauth_signature_method);
sb.AppendFormat("&oauth_signature={0}", sig);
sb.AppendFormat("&oauth_timestamp={0}", timeStamp);
sb.AppendFormat("&oauth_version={0}", stroauth_version);
sb.AppendFormat("&oauth_callback={0}", "oob");
//uri = new Uri(sb.ToString());
//sb.AppendFormat("&oauth_token={0}", "11111111");
HttpWebRequest request = System.Net.WebRequest.Create(uri.ToString()) as HttpWebRequest;
//HttpWebRequest request = (HttpWebRequest)WebRequest.Create(uri.ToString());
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
//request.Headers.Add("oauth_consumer_key", consumerKey);
//request.Headers.Add("oauth_nonce", nonce);
//request.Headers.Add("oauth_timestamp", timeStamp);
//request.Headers.Add("oauth_signature_method", stroauth_signature_method);
//request.Headers.Add("oauth_version", stroauth_version);
//request.Headers.Add("oauth_signature", sig);
//request.Headers.Add("oauth_callback", "oob");
request.Headers.Add("Authorization", "OAuth oauth_consumer_key=\"" + consumerKey + "\",oauth_signature_method=\"HMAC-SHA1\",oauth_signature=\"" + sig + "\",oauth_timestamp=\"" + "1191242096" + "\",oauth_nonce=\"" + nonce + "\", oauth_version=\"1.0\",oauth_callback=\"oob\"");
//request.Credentials = CredentialCache.DefaultCredentials;
HttpWebResponse response = (HttpWebResponse)request.GetResponse();
//using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
//{
//    using (TextReader reader = new StreamReader(response.GetResponseStream()))
//    {
//        ///oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd());
//    }
//}

Hi -

 

I have been trying for awhile to get oauth working between salesforce and my application.  I have experience getting oauth to work with Twitter and Youtube, so I figured this would be easy... 

 

BTW, I have set up Remote Access in my salesforce setup.  

 

I'm having problems on the very first step of the oauth process. This is what I am sending to get the RequestToken (I added the returns for clarity after the &'s)

 

https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler?oauth_consumer_key=<My key>&
oauth_nonce=8114382&
oauth_signature_method=HMAC-SHA1&
oauth_timestamp=1266716665&
oauth_version=1.0&
oauth_callback=https%3A%2F%2Fwww.catchthecloud.com%2FSalesforceOAuth.aspx&
oauth_signature=fH85OWR29G3IXSp1sc3uf4WMD7w%3D

 

This seems to be correct as per: https://ap1.salesforce.com/help/doc/user_ed.jsp?loc=help&section=help&hash=access_data&target=remoteaccess_authenticate.htm

 

However, I'm getting a 400 - bad request error when sending it.

 

The C# code that I am using to generate this string is as follows:

Uri uri = new Uri("https://login.salesforce.com/");
string nonce = this.GenerateNonce();
string timeStamp = this.GenerateTimeStamp();

//Generate Signature
string sig = this.GenerateSignature(uri, this.ConsumerKey, this.ConsumerSecret, this.Token, this.TokenSecret, method.ToString(), timeStamp, nonce, out outUrl, out querystring);

querystring += "&" + this.UrlEncode("oauth_callback") + "=" + this.UrlEncode("https://www.catchthecloud.com/SalesforceOAuth.aspx");
querystring += "&" + this.UrlEncode("oauth_signature") + "=" + this.UrlEncode(sig);

NameValueCollection oauthtokendata = null;

HttpWebRequest request = System.Net.WebRequest.Create(url+"?"+querystring) as HttpWebRequest;
using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
{
    using (TextReader reader = new StreamReader(response.GetResponseStream()))
    {
        oauthtokendata = HttpUtility.ParseQueryString(reader.ReadToEnd());
    }
}

 

Towards the bottom of this code, I do a call to request.GetResponse(), and that's where it dies.  If I take the string that's been created and stick it in the address bar of a browser, I get the following response:

 

 1702Failed: Missing Consumer Key Parameter

 

 

On the first line of this code, --
Uri uri = new Uri("https://login.salesforce.com/");

 

 

I have used several variations of Uri's in attempts to make this work, including https://login.salesforce.com/_nc_external/system/security/oauth/RequestTokenHandler, but nothing seems to work.

So -- hopefully someone can give me a tip to get this thing to work... I feel like I'm pretty close!

Thanks,

Beth

I'm trying to set up a remote access application so I can use OAuth and then the API from my application. I set up a brand-new developer account today and followed the instructions here:

 

https://na7.salesforce.com/help/doc/user_ed.jsp?section=help&target=remoteaccess_authenticate.htm&loc=help&hash=access_data

 

I'm using an OAuth library in Ruby (the 'oauth' gem).

 

So far, I've been able to successfully retrieve a request token, and when I use that token I can authenticate with Salesforce using the login URL mentioned. However, after successful login my browser gets redirected to an error page (it looks like a few redirects happen, but I can't tell exactly). Finally I get an error message that says "Remote Access Authorization Error" and then "There was a problem setting up your remote access". The URL in the browser looks like this:

 

https://na7.salesforce.com/setup/secur/RemoteAccessErrorPage.apexp?oauth_error_code=1800

 

This error code, alas, is not listed amongst those in the documentation.

 

This happens whether I go through the login step as my developer user, or as a friend's user on an Enterprise account.

 

Any ideas about what's going on here?

 

I can't seem to get past this problem.  Any ideas?

 

Thanks,

Mike

Has anybody successfully used OAuth for obtaining a sessionId for use with the API in Winter '10?

 

I've been able to get so far as to generate a valid OAuth access token, but I haven't yet been able to use that access token to get an API session id and I suspect the documentation may not be accurate or complete.

 

A few observations I've made: 

 

  • The documentation says the url is https://login.salesforce.com/services/OAuth/type/api-version.  Where type is "c" for the Partner WSDL and "u" for the enterprise WSDL.  This is the reverse of the normal SOAP API, and I assume it is a mistake, but can't verify since I can't get a session id.
  • The documentation says that "authorization header must have the following parameters" when referring to the request to obtain the session.  I take this to mean that one must use the Authorization HTTP header and not POST parameters to obtain the session id.  However, I've not had success with either.
  • If I do not use the authorization header and post the oauth parameters in the body, I get a response of LOGIN_OAUTH_INVALID_DSIG, indicating a bad signature.  Even though I'm using the same code to sign the request as I do for generating the request and access tokens.
  • If I instead use the Authorization HTTP header I get the error LOGIN_OAUTH_METHOD_NOT_SUPPORTED indicating I must use http POST, even though I already am.  Note, in this case the post body is empty.
 
If anybody has got this last step working it would be very helpful to know how you constructed the request.  Did you use the authorization header?  What were the contents of the POST?  Did you do anything special when generating your signature, in particular the generation of the OAuth Signature Base String and the key used for the signature (I'm using both the consumer and token secrets per the spec). 

 

Thanks,

 

George
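
Several posts on this page fail at OAuth 1.0 signing (`Signature invalid`, a 400 on the request token, `LOGIN_OAUTH_INVALID_DSIG`). Under RFC 5849 the HMAC-SHA1 signature covers the HTTP method, the exact endpoint URL and every parameter sent, keyed with both secrets, so signing a different URI, appending `oauth_callback` after signing, or sending a timestamp other than the one signed all make the server's recomputation fail. The Python below is an added example, not the posters' or Salesforce's code; the key, secret, nonce and callback are constructed values.

```python
import base64, hashlib, hmac
from urllib.parse import quote, urlsplit

def pct(value):
    # RFC 5849 section 3.6: encode everything except unreserved characters
    return quote(str(value), safe="-._~")

def base_string(method, url, params):
    """Signature base string; assumes every request parameter is in params."""
    u = urlsplit(url)  # scheme and hostname come back lowercased
    host = u.hostname or ""
    if u.port and (u.scheme, u.port) not in (("https", 443), ("http", 80)):
        host += f":{u.port}"
    base_uri = f"{u.scheme}://{host}{u.path or '/'}"  # no query, no fragment
    pairs = sorted((pct(k), pct(v)) for k, v in params.items()
                   if k != "oauth_signature")
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join((method.upper(), pct(base_uri), pct(normalized)))

def sign(method, url, params, consumer_secret, token_secret=""):
    # Key: both secrets joined by "&" (token secret empty for a request token)
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    mac = hmac.new(key, base_string(method, url, params).encode(), hashlib.sha1)
    return base64.b64encode(mac.digest()).decode()

def verify(method, url, params, consumer_secret, token_secret=""):
    # Server side: recompute over the request as received, constant-time compare
    expected = sign(method, url, params, consumer_secret, token_secret)
    return hmac.compare_digest(expected, params.get("oauth_signature", ""))

# Constructed values; only the endpoint URL is taken from the posts above.
ENDPOINT = ("https://login.salesforce.com/_nc_external/system/security/"
            "oauth/RequestTokenHandler")
SECRET = "constructed-consumer-secret"
PARAMS = {"oauth_consumer_key": "constructed-key", "oauth_nonce": "n0nce",
          "oauth_signature_method": "HMAC-SHA1", "oauth_version": "1.0",
          "oauth_timestamp": "1700000000",
          "oauth_callback": "https://client.example/callback"}

def demo():
    def accepted(signed_url, signed, sent):
        sig = sign("POST", signed_url, signed, SECRET)
        return verify("POST", ENDPOINT, {**sent, "oauth_signature": sig}, SECRET)
    no_callback = {k: v for k, v in PARAMS.items() if k != "oauth_callback"}
    stale = {**PARAMS, "oauth_timestamp": "1191242096"}
    return {"all_signed": accepted(ENDPOINT, PARAMS, PARAMS),
            "signed_other_uri": accepted("https://login.salesforce.com/", PARAMS, PARAMS),
            "callback_added_after": accepted(ENDPOINT, no_callback, PARAMS),
            "timestamp_differs": accepted(ENDPOINT, PARAMS, stale)}
```

Printing `base_string(...)` for a failing request and comparing it field by field with what was actually sent is usually the fastest way to find which input differs.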