Forge External with OAuth 2.0 - How to get Auth token to pass as Authorization header

Forge Forge UI Kit and Custom UI
,
1

Hello All,

I need to fetch information from our internal system and display in confluence using a macro.

I am able to get profile information by following this example [microsoft forge ]

I need to pass the Authentication token to my API . But the microsoft.listCredentials() method throwing not implemented error.

{
hasCredentials: [AsyncFunction: hasCredentials],
getAccount: [AsyncFunction: getAccount],
requestCredentials: [AsyncFunction (anonymous)],
listCredentials: [Function: throwNotImplementedError],
listAccounts: [AsyncFunction: listAccounts],
asAccount: [Function: asAccount],
fetch: [Function (anonymous)]
}

My manifest.yml

providers:
  auth:
    - key: microsoft
      name: microsoft
      scopes:
        - User.Read
        - offline_access
      type: oauth2
      clientId: *********************
      remotes:
        - microsoft-graph
        - internal-api
      bearerMethod: authorization-header
      actions:
        authorization:
          remote: microsoft-login
          path: /tenant-id/oauth2/v2.0/authorize
        exchange:
          remote: microsoft-login
          path: /tenant-id/oauth2/v2.0/token
          resolvers:
            accessToken: access_token
            accessTokenExpires: expires_in
            refreshToken: refresh_token
        retrieveProfile:
          remote: microsoft-graph
          path: /v1.0/me
          resolvers:
            id: id
            displayName: displayName
remotes:
  - key: microsoft-login
    baseUrl: https://login.microsoftonline.com
  - key: microsoft-graph
    baseUrl: https://graph.microsoft.com
  - key : internal-api
    baseUrl: https://api.myorg.com
permissions:
  external:
    fetch:
      backend:
        - https://login.microsoftonline.com
        - https://graph.microsoft.com
        - https://api.myorg.com

Any help will be greatly appreciated.

Thanks

2

What is it you want to list the credentials for? To make a call to a given API with a given authentication provider, I would think the other functions would work as in the example. You’d just adjust the API they’re calling.

3

Hello @AaronCollier , Thank you for your reply.
I tried calling my api from the resolver but getting a 401 error. (FYI Microsoft API returning a 200 )
So trying to find out what went wrong. its might be token issue.

Is there anyway to get the tokens in console ?

Thanks

4

I don’t know of any way to do that, I would guess for security reasons. Perhaps if you shared how you’re calling the API someone could help you debug :person_shrugging:

5

Hello @AaronCollier ,
Thanks again for taking time to check this issue .
It might be an issue with the internal tool, checking with the respective team.

Thanks

6

Hello @AaronCollier ,

Our application requires an application specific scope to be passed to the exchange
parametrs

I followed the instruction mentioned in here , but i don’t know how to pass client_secret without hardcoding it or reading it from .env file.

exchange:
          remote: microsoft-login
          path: /<tanantid>/oauth2/v2.0/token
          overrides:
            headers:
              grant_type: client_credentials
              scope: api://custom-validator/.default  
              client_secret: '{{client_secret}}'
              client_id: '{{client_id}}'

Any help will be appreciated.
Regards,
Ritu

7

You can specific default values in the environment section of the manifest and then use them like this:

exchange:
    ...
   client_secret: '${CLIENT_SECRET}`
environment:
  variables:
    - key: CLIENT_SECRET
      default: "default"

Anything set in the environment itself (such as exporting before a command) will override the default.