Sunday, 20 October 2013

Oauth Google With Salesforce.com using apex

In this short blogpost lets explore oauth along with a classic example of connecting salesforce and google and fetching auth token from the google using on demand salesforce emerging platform language apex 

There are already excellent client libraries to help you started with oauth 2.0 

The above link is really nice one to explore more code in your faviourate language .Now coming to salesforce we have excellent blog post that teaches oauth in depth and i call it as sfdc oauth bible 


The above URL teaches lot of stuff in a very lucid and very unique style .Thanks to the author .

In this blog post we will connect sfdc and Google and obtain oauth token from the google .This oauth token can be used to fetch personalized  data from Google using the Google API's(I will love to do one more blog post where an example of data fetched from Google will be shown)


Using OAuth 2.0 to Access Google APIs


The API's provided by the Google can be accessed easily once we authorize the app created in google with sfdc.

There are various different types of apps that we can create which includes web server,client app,native,installed apps .


Reading the above document is really helpful as very steps are highlighted that we will do before moving into sfdc end 

1)Register your application

To register an application google provides a console name cloud console 


Here in the above URL we will need to do very important steps .One is to create a project and then register a web app .
Creation of project is just a button click on new project and providing a name and saving it.

To register an app go to Project>API's>Register APPs

Here create a new web app .You can register any of the type of app and note the mechanism for each is different and discussed in the Guide
For this demo we will create a web server application.

2)Authenticating the User

User authentication is our next step.Once we register our web app of sfdc in google we obtain the clientid and client secret which are used to fetch the oauth token from google .

Please note a very important parameter is necessary that's redirect url for the web app .In force.com we will create a small visualforce page and the url this visualforce page has ,to be provided as the redirect url.Also its important to fill the web orgin in cloud console  so as per your salesforce request url please provide as appropriate(example in my case its developer org and hence its https://ap1.salesforce.com).

If my visualforce page is named as GoogleAuth then my redirect url would be https://ap1.salesforce.com/apex/GoogleAuth

We are ready to see some code that is written in visualforce and apex language to fetch the oauth token from the google completing the oauth dance



Let me explain the code above to my best of ability of explaining

1)The controller consists of two major methods

Connect method()
Showtoken()

Connect method redirects to url to authorize the app .First step is to get "code " url parameter from the google .This will be got only once we authorize the app .Typically web server oauth flow you will see in video

Show token method is called once we have the "code" parameter.

string codeparam=apexpages.currentpage().getparameters().get('code');

Using the code parameter we will make a request body and make a http request from sfdc.



The body formation is the key and all parameters are clearly explained in the google documet https://developers.google.com/accounts/docs/OAuth2

We are printing the oauth token obtained and using this oauth token we can fetch the personalised user data like contacts,calendar events ,access Map API's,etc




Here is the video link

http://screencast-o-matic.com/watch/cI6Y2hV7dS

There is force.com toolkit for the google found in the link below which is very easy to install and use

http://wiki.developerforce.com/page/Google_Data_API_Toolkit

But this blogpost my intention was to demonstrate oauth and its concepts for force.com lovers .Hope you enjoyed this blog!Happy coding !

There is lot of to do's after fetching oauth token but this is the starting point to get going .Infact an  oauth token is short lived and hence a refresh a token is necessary to fetch and left as an exercise to reader.





Introducing Lightning Base Components

Lightning Base Components are great addition to the platform and in fact revolutionary .One of the concerns around lightning component ...