Connection to the external endpoints is only possible if OAuth2 parameters are specified. Trillo utilizes four types of OAuth2 grants as mentioned below.
grant_type | Description |
---|---|
password | Resource Owner Password Credentials: User credentials are required along with client |
client_credentials | Only client credentials needs to be provided |
authorization_code | Authorization code is enough for authentication |
implicit | Authentication will happen implicitly |
Further information about the grants can be found here - https://oauth.net/2/grant-types/
The rest of properties are described below.
Property | Type | Description |
---|---|---|
oauthUrl | string | Server URL for authentication and authorization |
tokenUrl | string | Token URL |
client_id | string | Client name/id |
client_secret | string | Client secret |
username | string | User name/id |
password | string | Password associated with the user |
scope | string | OAuth2 Scopes |
userProfileApiSpecs | string | API required to provide basic user profile (first and last name, email, etc) |
Notice that client and user credentials (along with other info) are user's property and will remain inside their secure repository.
"props" : {
"grant_type" : "password",
"oauthUrl" : "authentication URL",
"tokenUrl" : "token URL",
"client_id" : "client ID",
"client_secret" : "client secret",
"username" : "username if provided",
"password" : "password is provided"
"scope" : "scope1,scope2"
}
When a user login happen thru the social account, a set of APIs are needed to obtained basic user's profile. The following snippet shows two such APIs. Trillo obtains the json response and feeds it to user-defined transformation functions. The purpose of individual functions to extract a map of "firstName", "lastName", "emailAddress", "pictureURL" and "externalId". These transformation functions must be defined in the same application where the service definition exists.
"userProfileApiSpecs" : [
{
"url" : "https://api.linkedin.com/v2/me?projection=(id,firstName,lastName,profilePicture(displayImage~:playableStreams))",
"transformationFunction" : "userProfileMapper"
},
{
"url" : "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))",
"transformationFunction" : "userEmailMapper"
}
Here is an example of a typical transformation function ("userProfileMapper"). Notice that it is returning a map which includes the first name and last name. The right hand side of the transformation reads the json document returned by the invoking the associated API.
import java.util.Map;
import java.util.HashMap;
Map map = new HashMap();
map.put("firstName", v.firstName.localized.en_US);
map.put("lastName", v.get("lastName").localized.en_US);
map.put("externalId", v.get("id"));
map.put("pictureUrl", v.profilePicture.get("displayImage~").elements[0].identifiers[0].identifier);
map;