Solved: Re: REST CONNECTOR locate the Authorization token - Page 5 - Qlik Community

Report Inappropriate Content · ‎2015-12-03

I am trying to connect to google analytics by following this guide http://help.qlik.com/Connectors/en-US/connectors/#../Subsystems/REST_connector_help/Content/1.0/Crea...

But I get stuck on step 7. Open Developer tools in Google Chrome and locate the Authorization token

How do i locate the token?

berryandcherry6 · ‎2016-12-05

Hi Bjorn,

You have mentioned as that:

To get around this I simply created two connections using the REST Connector, one for GET (LIB: Google Analytics API) and one for POST (LIB: Google Authorization) and used an open JSON server at jsonplaceholder.typicode.com wheen creating the connections (you cannot alter the Method GET/POST using WITH CONNECTION).

How did you created this connection LIB: Google Authorization and LIB: Google Analytics API using jsonplaceholder.typicode.com to create connections, Can you please explain on this. i have got all client_id, secret and refresh_token. Just i need to create conection to load data.

hoangvvo · ‎2017-02-15

you don't you use:jsonplaceholder.typicode.com/posts with a post method and the qeuery parameter as title = foo in your rest connector. you Lib connect to that connection name when you run your select statement from you add a WITH CONNECTION() passing a vRequestBody,which contains all the information you need to pass to the post , ie refresh_token,redirect_uri etc, google url This then uses the new modified string as the connection instead of what was created. once you have done that you can use Karl's code for the configuration of the data into tables.

Report Inappropriate Content · ‎2017-09-08

How can I give token instead of url in qlik rest connector

leonard_wei · ‎2018-06-01

Hi Bjorn,

I am able to accomplish the authentication, thanks to your shared steps and example.

Just wondering what was the intention to start with

IF vTokenExpires <= now() THEN

This is what I predefine variable vTokenExpires ------ LET vTokenExpires = Timestamp(now());

Question is...do I have to store the expires_in value somewhere else in the app/database? Otherwise, in my case I am still going to request access_token every time I load the script regardless of the actual expire time. What would be the best practice to handle token expiry using Rest Connector?

Bjorn_Wedbratt · ‎2018-06-05

Hi Liang,

Wow this was a really old post, glad it's still serving it's purpose helping people out

About the expire time / refresh token, this is related to the API being used (Google API in this case) but I'm not sure you even need to bother if you only run the script yourself (or scheduled on a QSE/QV server).

But according to the documentation on Google there is a risk to reach a limit on refresh tokens if using the same credentials (clientid/secret) on multiple clients/devices at the same time:

"Note that there are limits on the number of refresh tokens that will be issued; one limit per client/user combination, and another per user across all clients. You should save refresh tokens in long-term storage and continue to use them as long as they remain valid. If your application requests too many refresh tokens, it may run into these limits, in which case older refresh tokens will stop working. "

https://developers.google.com/identity/protocols/OAuth2WebServer

I guess that's what caught my attention and the reason for why I keep track on the expiration time, so I didn't request a new access token if not required.

Best,

Bjorn

leonard_wei · ‎2018-06-07

Thanks Bjorn,

I believe this post is definitely going to help more people.And it's all clear to me now.

Anonymous · ‎2018-06-19

Hello! I've read through this post quite a few times and am learning as I go, but am still having trouble. I've been able to connect to my GA data using the GET, but not with the refresh token POST connection.

Additionally I've been able to connect using the POST for the refresh token successfully as well (below)...however, I can't get them to go together now.

Here is what I currently have.

SET vClient_id = MY CLIENT ID;  
  SET vClient_secret = CLIENT SECRET;  
  SET vRefresh_token = REFRESH TOKEN;  
  IF vTokenExpires <= now() THEN // if access_token expired request a new one using the refresh_token    
LET vRequestBody ='';  
  LET vRequestBodyvRequestBody = vRequestBody & 'grant_type=refresh_token';  
  LET vRequestBodyvRequestBody = vRequestBody & '&client_id=' & '$(vClient_id)';  
  LET vRequestBodyvRequestBody = vRequestBody & '&client_secret=' & '$(vClient_secret)';  
  LET vRequestBodyvRequestBody = vRequestBody & '&refresh_token=' & '$(vRefresh_token)'; 
  
CUSTOM CONNECT TO "Provider=QvRestConnector.exe;
url=https://www.googleapis.com/oauth2/v4/token;
timeout=30;method=POST;autoDetectResponseType=true;
keyGenerationStrategy=-1;authSchema=anonymous;
skipServerCertificateValidation=false;
useCertificate=No;certificateStoreLocation=CurrentUser;
certificateStoreName=My;
queryParameters=refresh_token%----%
1client_id%---%
1client_secret%---
%1grant_type%
2refresh_token;
queryHeaders=Authorization%2Bearer ---------;
PaginationType=None;
allowResponseHeaders=false;allowHttpsOnly=false;
XUserId=ALSUeJC;XPassword=JZHBBMD;";



access_token:  
  SQL SELECT   
  "token_type",  
  "access_token",  
  "expires_in"  
  FROM JSON (wrap on) "root"  
  WITH CONNECTION (  
  BODY "$(vRequestBody)"  
  );  
  
  LET vExpiresIn = peek('expires_in',0,'access_token');  
  LET vAccessToken = peek('access_token',0,'access_token');  
  LET vTokenExpires = timestamp(now() + $(vExpiresIn)/86400);  
  ENDIF

So, what comes after this? Or before it?

This is my get URL...

GET https://www.googleapis.com/analytics/v3/data/ga?ids=ga%--VIEWID--&start-date=2017-06-12&end-date=201...{MY_API_KEY}

Thanks!

Using this in Qlikview desktop.

osama_anwar · ‎2018-10-26

Hi Bjorn,

I need you help.

I am creating connection to AFAS.

I have URL and Authentication Token.

But enable to create a connection to get data.

URL : https://XXXXX.rest.afas.online/ProfitRestServices/connectors/Qlik_test

Token : <token><version>1</version><data>xxxx</data></token>

AFAS Snapshot :

osama_anwar · ‎2018-10-26

Bjorn_Wedbratt · ‎2018-10-29

Hi Osama,

I'm not familiar with AFAS myself, but found the following by googling a bit. It looks like the Authorization header is created by base64 encoding the appToken (I assume this is the one you got already) like:

$token = '<token><version>1</version><data>49D9BAF55B80B93BA6DBE4EF64F5728DADB4215A35BBF9D444E09CAB5F5C3913</data></token>';

And then add it as the Authorization header on a request, like:

Authorization: AfasToken base64_encode($token)

There's no built-in base64 encoder in QlikView / Qlik Sense script afak so the encoding needs to be done externally

Here's some example code that I found:

https://gist.github.com/WietseWind/ac7106fe1a01a4742fd352b64473a5e9

https://github.com/rmuit/PracticalAfas/blob/master/src/Client/RestCurlClient.php

Hope this helps

Best,

Bjorn