OAuth2 Parameters

Connection to the external endpoints is only possible if OAuth2 parameters are specified. Trillo utilizes four types of OAuth2 grants as mentioned below.

grant_type Description
password Resource Owner Password Credentials: User credentials are required along with client
client_credentials Only client credentials needs to be provided
authorization_code Authorization code is enough for authentication
implicit Authentication will happen implicitly

Further information about the grants can be found here - https://oauth.net/2/grant-types/

The rest of properties are described below.

Property Type Description
oauthUrl string Server URL for authentication and authorization
tokenUrl string Token URL
client_id string Client name/id
client_secret string Client secret
username string User name/id
password string Password associated with the user
scope string OAuth2 Scopes
userProfileApiSpecs string API required to provide basic user profile (first and last name, email, etc)

Notice that client and user credentials (along with other info) are user's property and will remain inside their secure repository.

JSON Representation

"props" : {
    "grant_type" : "password",
    "oauthUrl" : "authentication URL",
    "tokenUrl" : "token URL",
    "client_id" : "client ID",
    "client_secret" : "client secret",
    "username" : "username if provided",
    "password" : "password is provided"
    "scope" : "scope1,scope2"
  }

userProfileApiSpecs

When a user login happen thru the social account, a set of APIs are needed to obtained basic user's profile. The following snippet shows two such APIs. Trillo obtains the json response and feeds it to user-defined transformation functions. The purpose of individual functions to extract a map of "firstName", "lastName", "emailAddress", "pictureURL" and "externalId". These transformation functions must be defined in the same application where the service definition exists.

"userProfileApiSpecs" : [
  {
    "url" : "https://api.linkedin.com/v2/me?projection=(id,firstName,lastName,profilePicture(displayImage~:playableStreams))",
    "transformationFunction" : "userProfileMapper"
  },
  {
    "url" : "https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))",
    "transformationFunction" : "userEmailMapper"
  }

Here is an example of a typical transformation function ("userProfileMapper"). Notice that it is returning a map which includes the first name and last name. The right hand side of the transformation reads the json document returned by the invoking the associated API.

import java.util.Map;
import java.util.HashMap;

Map map = new HashMap();
map.put("firstName", v.firstName.localized.en_US);
map.put("lastName", v.get("lastName").localized.en_US);
map.put("externalId", v.get("id"));
map.put("pictureUrl", v.profilePicture.get("displayImage~").elements[0].identifiers[0].identifier);

map;