3

I have SiteA storing user information(name, office, department etc.). The back end has exposed REST WS that give the information to the front end. The site uses Google OAuth2 authentication - Users log in via Google account. With OAuth2 we let google handle the login(without asking for username and password). Google generates an authorization code that is used with the client_id and client_secret to generate an token for the user.

I have SiteB. I am creating a job that is going to be executed once a day. I need it to login programmatically to SiteA so I can get a security token that I can use in requests to the REST WS API provided by SiteA and fetch the needed information.

I was unable to find a similar question online. Everything usually ends up to the user opening a browser and navigating to an approaval URL.

Something similar is Google Drive API - OAuth2.0: How to Automate Authentication Process? Doubts and Questions, but it is about connecting to Google Drive without login.

I am starting to doubt that it is possible. Have anyone figured out how to implement this way of communication between systems?

The only option that I could thing of is connecting to SiteA DB and extracting records manually, but that would duplicate the login in SiteA and SiteB.

Improve this question
6
  • Then you will have to add an internal redirect from SiteA to SiteB with access-token and other information. What you are trying to do is not recommended. Commented Nov 24, 2017 at 12:51
  • What is the recommended way of dealing with such a case? SiteA is used by many users as SiteB is. They do not share the same DB, but have common tables inside. It is not recommended to change SiteA in any way to achieve the explained above. Commented Nov 24, 2017 at 12:55
  • The user has authenticated SIteA, but you want that data on SiteB, now in future, when you would need more functionality, you would have to construct methods to send data from SiteA or SiteB. So, this involves an overhead. Lastly, it's much more clean to redirect user properly to SiteB after authenticating for SiteB, this way, the user doesn't see the redirects, which some browsers warn about and some security mechanisms prohibit it. Commented Nov 24, 2017 at 13:09
  • I am not sure you undersood me correctly. There is no user interaction in what I am trying to achieve, everything needs to be automated. SiteB wants to fetch information from SiteA.that information needs to be fetched daily with a job. SiteA requires user loggin with a google account.(By clicking sign in manually). I want to avoid this manual step so I can make everything automatic. I have gmail account and password. I want to login to SiteA programmatically and receive the security token so I can make additional requests to the REST API. Commented Nov 24, 2017 at 13:16
  • Is the data pull you are trying to achieve, should the data be pulled from Google servers first? Commented Nov 24, 2017 at 13:20

1 Answer 1

Reset to default
1

What I was asking is not possible in the time of writing the question. What we did to solve the issue is to extend the life of the token for the account that is used to login to SiteA and set it it in the header of the request from SiteB:

connection.setRequestProperty("Authorization", token);

We changed the lifespan of the token from the database and since this are internal systems the long life of the token is not a problem.

Another option is to follow How to get offline token and refresh token and auto-refresh access to Google API and generate an offline token, but the idea is still the same.

Hope this helps someone.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.