Working With Tokens

From KickApps Documentation

This section explains important sections of code in the User Bean and HTTP Client of each sample application, showing how the application makes HTTP requests to the REST server and then how the application handles returned information from the server.

Creating a Token

The REST server uses the token to authenticate the request. As shown for Create Token, the REST URL for this call requires a valid value for developerKey, username, and as (affiliate site Id).

The first call your application makes is a request for a session token. For example, in the C# sample application, the login class's objclsRestClient object creates a new instance of clsRestClient.

C#

We've provided this example using C#:

clsRestClient objclsRestClient = new clsRestClient(); String RestUrl = clsRestClient.CREATE_TOKEN_URL + this.txtUserName.Text + "/" + affiliate_site; String result = "";

To this string, you'll add your developer key and then make a post to the server using the doRestCall method.

NameValueCollection parameters = new NameValueCollection(); parameters.Add("developerKey", developerKey); parameters.Add("password",this.pwd.Text); result = objclsRestClient.doRestCall(RestUrl, "POST", parameters);

Processing and Storing Tokens

A successful call for a token will return a string (shown below) that the sample application converts into JSON name:value pairs (see JSON syntax, Page 172). The application extracts the privileges, session token, and method and stores them, along with the entire string in the user bean.

Return from Server

[{"PRIVILEGES":"RW","TOKEN":Qqvb7kTFiz4M2lqCYzvjaA==,"METHOD":POST"}]

To convert the string and then store it in the user bean, the application:

1. Creates a new JSON object.
2. Converts the returned string into JSON values to be stored in the user bean. The C# application does this using the DeserializeObject method, the PHP sample application does this using the PHP json_decode function and the Java sample application uses the json.org jsonObject.java package.
3. Sets the values into the user bean.
4. Sets the user bean into the session.

For subsequent calls, the applications check the value stored in the user bean, if the value is invalid, then the application will make a new create token call and update the values in the user bean.

C#

Converts the string into a JSON payload and then the result is stored to the user bean (ka_token).

UserBean token = (UserBean)JavaScriptConvert.DeserializeObject(result, typeof(UserBean));

if (token.TOKEN != null) { token.PAYLOAD = result; Session["ka_token"] = token;

                         Response.Redirect("userprofile.aspx?userId="+token.userId);

} else { throw new Exception("Invalid Login"); }

Java

In the HTTP client, the JSON.org JSONObject constructor uses JSONTokener to extract values.

return new JSONObject(new JSONTokener(response));

The application (processLogin.jsp) then sets the values into the user bean.

if (tokenObject != null && tokenObject.isNull("TOKEN") == false) {

ka_token.setToken(tokenObject.get("TOKEN").toString()); ka_token.setPriviliges(tokenObject.get("PRIVILEGES").toString()); userid = tokenObject.get("userId").toString(); ka_token.setId(userid); ka_token.setAs(as); request.getSession().setAttribute("ka_token", ka_token); }

PHP

PHP v 5.2.0 and later includes its own JSON extensions. You can convert a string into an object by using the json_decode function as follows.

if (tokenObject != null && tokenObject.isNull("TOKEN") == false) {

   ka_token.setToken(tokenObject.get("TOKEN").toString());
   ka_token.setPriviliges(tokenObject.get("PRIVILEGES").toString());
   userid = tokenObject.get("userId").toString();
   ka_token.setId(userid);
   ka_token.setAs(as);
   request.getSession().setAttribute("ka_token", ka_token);

}