In my scenario, I had to manage OAuth data out-of-box of the WebApplication so I tried to look for the REST API documentation of the feature.
Unfortunatelly, Oracle doesn't provide ANY documentation about the REST APIs in this case, so I had to investigate the API.
I am sharing the functionalities with cUrl commands, to improve and resume the information:
PREFACE
- All cUrl commands have tested with --insecure (or -k) mode, it was a environment with no certificates installed.
- The credentials regadmin:changeme came from the OAG default settings. You can create other users and replace the admin credentials in a safe environment.
- You can use | python -mjson.tool to format the JSON output on the GET options
- localhost can be replaced by any dns or IP address you need
CREATING DATA
A NEW APPLICATION (WITH MAIN DATA)
URI: /api/portal/v1.1/applications
Example: curl --insecure -X POST --user regadmin:changeme -H "Content-Type:application/json" https://localhost:8089/api/portal/v1.1/applications -d @sampleClient.json
Where sampleClient.json is:
{
"description": "Dummy Description",
"email": "dummy@dummycorp.com",
"name": "DummyCorp"
}
In this case, the ClientApplicationId is an autogenerated value. In a next post, I'll show how to work with this 'problem'.
Given DummyCorpId as the id generated (usually is a value like 1fd97e5d-ec13-4054-8284-3646b86ce02c):
Example: curl --insecure -X POST --user regadmin:changeme -H "Content-Type:application/json" https://localhost:8089/api/portal/v1.1/applications -d @sampleClient.json
Where sampleClient.json is:
{
"description": "Dummy Description",
"email": "dummy@dummycorp.com",
"name": "DummyCorp"
}
Given DummyCorpId as the id generated (usually is a value like 1fd97e5d-ec13-4054-8284-3646b86ce02c):
INSERT API KEY:
URI: /api/portal/v1.1/applications/<ClientAppId>/apikeys
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauth -X POST -H
All values (id and secret) are autogenerated.
All values (id and secret) are autogenerated.
INSERT OAUTH DATA:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauth
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauth -X POST -H "Content-Type:application/json" -d @oauthclient.json
Where oauthclient.json is:
{
"cert": "",
"enabled": true,
"redirectUrls": [
"http://www.google.com"
],
"id":"ClientID",
"secret": "ClientSecret",
"type": "confidential"
}
Where oauthclient.json is:
{
"cert": "",
"enabled": true,
"redirectUrls": [
"http://www.google.com"
],
"id":"ClientID",
"secret": "ClientSecret",
"type": "confidential"
}
INSERT OAUTH SCOPE:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauthresource
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauthresource -X POST -H "Content-Type:application/json" -d @oauthscope.json
Where oauthscope.json is:
{
"id":"CustomerREADScope",
"enabled": true,
"scopes": ["customer.READ"],
"scope": "customer.READ",
"uriprefix": "customer.READ"
}
"id":"CustomerREADScope",
"enabled": true,
"scopes": ["customer.READ"],
"scope": "customer.READ",
"uriprefix": "customer.READ"
}
GETTING DATA
ALL APPLICATIONS REGISTERED
URI: /api/portal/v1.1/applicationsExample: curl --insecure -X GET --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications | python -mjson.tool
A SIMPLE APPLICATION
URI: /api/portal/v1.1/applications/<ClientAppId>
Example: curl --insecure -X GET --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId
API KEYS
URI: /api/portal/v1.1/applications/<ClientAppId>/apikeys/
Example: curl --insecure -X GET --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/apikeys/
THE OAUTH MAIN DATA
URI: /api/portal/v1.1/applications/<ClientAppId>/oauth
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauth
and the OAuth Scopes:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauthresource
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauthresouce
UPDATE DATA
In order to update data with this REST API, you should provide all data previously inserted. If you provide just the field(s) you want to update, the others will be null
UPDATE APP MAIN DATA
URI: /api/portal/v1.1/applications/<ClientAppId>
Example: curl --insecure -X PUT --user regadmin:changeme -H "Content-Type:application/json" https://localhost:8089/api/portal/v1.1/applications/DummyCorpId -d @updateClient.json
Where updateClient.json is:
{
"id": "DummyCorpId",
"description": "Dummy Description",
"email": "dummy@dummycorp.com",
"name": "New DummyCorp",
"createdOn": 1434714309524,
"enabled": true,
"image": null,
"organizationId": null,
"phone": "phone",
"state": null
}
Example: curl --insecure -X PUT --user regadmin:changeme -H "Content-Type:application/json" https://localhost:8089/api/portal/v1.1/applications/DummyCorpId -d @updateClient.json
Where updateClient.json is:
{
"id": "DummyCorpId",
"description": "Dummy Description",
"email": "dummy@dummycorp.com",
"name": "New DummyCorp",
"createdOn": 1434714309524,
"enabled": true,
"image": null,
"organizationId": null,
"phone": "phone",
"state": null
}
UPDATE OAUTH DATA:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauth/<ClientId>
Example: curl --insecure --user regadmin:changeme -X PUT https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauth/ClientID -d @oauthclient_update.json -H "Content-Type:application/json"
Where oauthclient_update.json is:
{
"applicationId": "DummyCorpId",
"cert": "",
"corsOrigins": [],
"createdBy": null,
"createdOn": 1434715843102,
"enabled": true,
"id": "ClientID",
"redirectUrls": [
"http://www.google.com/redirect"
],
"secret": "ClientSecret",
"type": "confidential"
}
In this case, you should provide applicationId as well. If you don't, the value will be updated to null.
Where oauthclient_update.json is:
{
"applicationId": "DummyCorpId",
"cert": "",
"corsOrigins": [],
"createdBy": null,
"createdOn": 1434715843102,
"enabled": true,
"id": "ClientID",
"redirectUrls": [
"http://www.google.com/redirect"
],
"secret": "ClientSecret",
"type": "confidential"
}
In this case, you should provide applicationId as well. If you don't, the value will be updated to null.
UPDATE OAUTH SCOPE:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauthresource/<resourceId>
Example: curl --insecure --user regadmin:changeme https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauthresource/CustomerREADScope -X PUT -H "Content-Type:application/json" -d @updateoauthscope.json
Where updateoauthscope.json is:
{
Where updateoauthscope.json is:
{
"applicationId": "DummyCorpId",
"enabled": true,
"id": "CustomerREADScope",
"isDefault": true,
"scope": "customer_READ",
"scopes": ["customer_READ"],
"uriprefix": "customer_READ"
}
"enabled": true,
"id": "CustomerREADScope",
"isDefault": true,
"scope": "customer_READ",
"scopes": ["customer_READ"],
"uriprefix": "customer_READ"
}
DELETE DATA
DELETE ALL APP DATA
URI: /api/portal/v1.1/applications/<ClientAppId>
Example: curl --insecure --user regadmin:changeme -X DELETE https://localhost:8089/api/portal/v1.1/applications/DummyCorpId
Example: curl --insecure --user regadmin:changeme -X DELETE https://localhost:8089/api/portal/v1.1/applications/DummyCorpId
DELETE OAUTH DATA:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauth/<ClientId>
Example: curl --insecure --user regadmin:changeme -X DELETE https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauth/ClientID
DELETE OAUTH SCOPE:
URI: /api/portal/v1.1/applications/<ClientAppId>/oauthresource/<resourceId>
Example: curl --insecure --user regadmin:changeme -X DELETE https://localhost:8089/api/portal/v1.1/applications/DummyCorpId/oauthresource/CustomerREADScope
REFERENCES
- http://docs.oracle.com/cd/E39820_01/doc.11121/gateway_docs/content/oauth_app_registration.html
- https://docs.oracle.com/cd/E55956_01/index.htm