Passing client side tokens serverside ( OAuth 2 In

Posted by ByronB on 22-Apr-2015 12:08

Hi there

I am busy trying to integrate with RB private cloud, OneAll basically an all in one endpoint for 120+ social media sites.

Based on this post it is suggested we can use the HTTP Get and HTTP POST triggers to achieve OAuth2 authentication:

All OAuth 2 require server side token processing and authentication which require a redirect url (callback handler).

With OneAll this has been simplified somewhat but still requires server side code to process the returned token and JSON response.

I have written and Object script using rbv_api.sendJSONRequest to send my connection requests:

var token;

var siteDomain = '';
var publicKey = '114696e7';
var privateKey = '701489da-';

var siteAuth = publicKey + ":" + privateKey;
var encodedSiteAuth = "MTE0Njk2ZTctODMyZC00Mm";


//var url = siteDomain + "/connections/" + token + ".json";
var url = siteDomain + "/connections/a51cd9c5-df0c-467d-a5fc-deccfb883d38.json";
var data = null;
var method = "GET";
var contentType = "application/json; charset=UTF-8";
var header = { "Authorization"   :  "Basic " +  encodedSiteAuth };

var request = rbv_api.sendJSONRequest(url, null, method, contentType, null, null, header);


var dj = JSON.parse(request);

//Extract data
var data =;

var userId;
var userToken;
var identityToken;
//Check for plugin
if (data.plugin.key === 'social_login'){
	//Operation successful
	if ( === 'success'){
		//The user_token uniquely identifies the user 
		//that has connected with his social network account
		userToken = data.user.user_token;

		//The identity_token uniquely identifies the social network account 
		//that the user has used to connect with
		identityToken = data.user.identity.identity_token;       

		// 1) Check if you have a userID for this token in your database
		//userId = GetUserIdForUserToken(userToken);

		// 1a) If the userID is empty then this is the first time that this user 
		// has connected with a social network account on your website
		if (userId === null){
			// 1a1) Create a new user account and store it in your database
			// Optionally display a form to collect  more data about the user.
			//userId = {The ID of the user that you have created}

			// 1a2) Attach the user_token to the userID of the created account.
			//LinkUserTokenToUserId (userToken, userId);
		// 1b) If you DO have an userID for the user_token then this user has
		// already connected before
			// 1b1) The account already exists

		// 2) You have either created a new user or read the details of an existing
		// user from your database. In both cases you should now have a $user_id 

		// 2a) Create a Single Sign On session
		// $sso_session_token = GenerateSSOSessionToken ($user_token, $identity_token); 
		// If you would like to use Single Sign on then you should now call our API
		// to generate a new SSO Session:
		// 2b) Login this user
		// You now need to login this user, exactly like you would login a user
		// after a traditional (username/password) login (i.e. set cookies, setup 
		// the session) and forward him to another page (i.e. his account dashboard)    
else if (data.plugin.key === 'social_link'){
  //Operation successfull
	if ( === 'success'){
		//Identity linked
		if ( === 'link_identity'){
			//The identity <identity_token> has been linked to the user <user_token>
			userToken = data.user.user_token;
			identityToken = data.user.identity.identity_token;

			//Next Step:
			// 1] Get _your_ userid from _your_ SESSION DATA
			// 2] Check if the userid is linked to this user_token: GetUserIdForUserToken($user_token)
			// 2.1] If not linked, tie the <user_token> to this userid : LinkUserTokenToUserId(user_token, user_id)
			// 3] Redirect the user to the account linking page
		//Identity Unlinked
		else if ( === 'unlink_identity'){
			//The identity <identity_token> has been unlinked from the user <user_token>
			userToken = data.user.user_token;
			identityToken = data.user.identity.identity_token;

			//Next Step:
			// 1] At your convenience
			// 2] Redirect the user to the account linking page

On the client side (this is the initial authentication), we have the following provided by OneAll:

<!-- The plugin will be embedded into this div //-->
<div id="oa_social_login_container"></div>

<script type="text/javascript">

<!-- The user_token of the currently logged in user //-->
var user_token = '';

var _oneall = _oneall || [];
_oneall.push(['social_link', 'set_providers', ['facebook', 'google', 'linkedin', 'twitter']]);
_oneall.push(['social_link', 'set_callback_uri', window.location.href]); //this would normally be a callback url
_oneall.push(['social_link', 'set_user_token', user_token]);
_oneall.push(['social_link', 'do_render_ui', 'oa_social_login_container']);

One the user authenticates the user is supposed to be redirected to a callback url with the api token in the url, now effectively we dont have a call back url as the serverside code is in an object script. How can I pass the authenticated token through to the Object script to process the requested JSON?

Even if you used the HTTP Get trigger how are you supposed to pass the returned token back into the trigger for OAUth 2 authentication?

All Replies

Posted by Godfrey Sorita on 22-Apr-2015 13:01
Hi Byron,

You want to pass the token generated client-side to an object script trigger. Is this your question?

The simplest way is to save the data on a record so the object script can access the value. This can either be:
1. Passing the value to a field and auto-submitting the form.
2. Use Client-side AJAX API such as rbf_createRecord() or rbf_updateRecord() to save the data.

This thread is closed