S3
- Joe Kanaan (Unlicensed)
- peter eid (Unlicensed)
- Wissam El-Khoury (Unlicensed)
- Michel El Hajj (Unlicensed)
Introduction
The S3 service builds on the S2 service. In S3, we add oAuth into the equation.
If oAuth is still running from the /wiki/spaces/~mike/pages/19759116, let's stop the service and start it again with the jsconf profile. In the terminal window that was running oAuth, enter the following commands:
# go to correct directory cd /opt/soajs/node_modules/soajs.oauth # export necessary environment variables export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/jsconf/profile.js export SOAJS_ENV=test export SOAJS_SRVIP=127.0.0.1 # start service node .
Code Walkthrough
This page shows you how to interact with the s3 service after you install it and run it.
The code walkthrough is located in a sub page and explained in depth. Click here to learn more about how the code works
Interacting with S3 service
Service S3 builds on service S2. If you notice the config and index files are almost identical. The one main difference between S2 and S3 is that S3 makes use of oAuth.Â
Let's start the oAuth service, as well as the S3 service and learn about how SOAJS uses oAuth to protect our APIs:
In a new terminal window, enter the following:
# go to correct directory cd /opt/soajs/node_modules/soajs.jsconf/services/s3 # export necessary environment variables export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/jsconf/profile.js export SOAJS_ENV=test export SOAJS_SRVIP=127.0.0.1 # start service node .
Let's call one of the APIs in S3:
curl -X GET -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" "http://test-api.mydomain.com/jsconf3/hello?email=team@soajs.org"
{"result":false,"errors":{"codes":[400],"details":[{"code":400,"message":"The access token was not found"}]}}
This is expected as we have not provided the correct access token in our request, so the framework blocks access to the API.
Let's see how we can generate an access code and use it subsequently:
curl -X GET http://test-api.mydomain.com/oauth/authorization -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857"
{"result":true,"data":"Basic NTcxMjAxMTAxZWJmMzQwNDFjMGIwNjI3Om9hdXRoc2VjcmV0"}
curl -X POST -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" -H "Authorization: Basic NTcxMjAxMTAxZWJmMzQwNDFjMGIwNjI3Om9hdXRoc2VjcmV0" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=myuser&password=password&grant_type=password' "http://test-api.mydomain.com/oauth/token"
{"token_type":"bearer","access_token":"f9525e6257e64aa3c2d90f8e57c03f4bfc86e64d","expires_in":3600,"refresh_token":"1495c6b92122edcd1105751b6d57cdb6e275062b"}
When we hit the oAuth API /oauth/token, the service responds with an access_token. If take this access token and place it in our original request, we should get a successful response:
curl -X GET -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" "http://test-api.mydomain.com/jsconf3/hello?email=team@soajs.org&access_token=f9525e6257e64aa3c2d90f8e57c03f4bfc86e64d"
{"result":true,"data":"John Doe <team@soajs.org> "}