Introduction

The S3 service builds on the S2 service. In S3, we add oAuth into the equation.

If oAuth is still running from the /wiki/spaces/~mike/pages/19759116, let's stop the service and start it again with the jsconf profile. In the terminal window that was running oAuth, enter the following commands:

Start oAuth service

# go to correct directory
cd /opt/soajs/node_modules/soajs.oauth

# export necessary environment variables
export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/jsconf/profile.js
export SOAJS_ENV=test
export SOAJS_SRVIP=127.0.0.1

# start service
node .

Code Walkthrough

This page shows you how to interact with the s3 service after you install it and run it.

The code walkthrough is located in a sub page and explained in depth. Click here to learn more about how the code works

Interacting with S3 service

Service S3 builds on service S2. If you notice the config and index files are almost identical. The one main difference between S2 and S3 is that S3 makes use of oAuth.

Let's start the oAuth service, as well as the S3 service and learn about how SOAJS uses oAuth to protect our APIs:

In a new terminal window, enter the following:

Start oAuth service

# go to correct directory
cd /opt/soajs/node_modules/soajs.jsconf/services/s3


# export necessary environment variables
export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/jsconf/profile.js
export SOAJS_ENV=test
export SOAJS_SRVIP=127.0.0.1


# start service
node .

Let's call one of the APIs in S3:

curl -X GET -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" "http://test-api.mydomain.com/jsconf3/hello?email=team@soajs.org"

Response

{"result":false,"errors":{"codes":[400],"details":[{"code":400,"message":"The access token was not found"}]}}

This is expected as we have not provided the correct access token in our request, so the framework blocks access to the API.

Let's see how we can generate an access code and use it subsequently:

Get the authorisation key

curl -X GET http://test-api.mydomain.com/oauth/authorization -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857"

Response

{"result":true,"data":"Basic NTcxMjAxMTAxZWJmMzQwNDFjMGIwNjI3Om9hdXRoc2VjcmV0"}

Get the access token

curl -X POST -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" -H "Authorization: Basic NTcxMjAxMTAxZWJmMzQwNDFjMGIwNjI3Om9hdXRoc2VjcmV0" -H "Content-Type: application/x-www-form-urlencoded" -d 'username=myuser&password=password&grant_type=password' "http://test-api.mydomain.com/oauth/token"

Response

{"token_type":"bearer","access_token":"f9525e6257e64aa3c2d90f8e57c03f4bfc86e64d","expires_in":3600,"refresh_token":"1495c6b92122edcd1105751b6d57cdb6e275062b"}

When we hit the oAuth API /oauth/token, the service responds with an access_token. If take this access token and place it in our original request, we should get a successful response:

curl -X GET -H "key: 4f9b4dbc4c8178a3983b8c0d42cd42d30e63f910ac5e4e51843b542c34d1f6790eda4c8b425470cb71ad6eed58787f59d1b9d8abd9cb43ddc1086641779752348c436a5e6d79c74b2aa59feaf4ecf1db868c7f77383d33b30208c8e31729b857" "http://test-api.mydomain.com/jsconf3/hello?email=team@soajs.org&access_token=f9525e6257e64aa3c2d90f8e57c03f4bfc86e64d"

Response

{"result":true,"data":"John Doe <team@soajs.org> "}

Browser not supported