From what I can tell by reading other threads, it would appear that since we are using SSO on an organizational level, that there is no way to avoid the user having to enter data into a login form?
Is this correct? The goal of this console application is to run at night with no user input at all.
Would love any direction you could give me
PS. Id be more than happy to provide my client_id, etc in a private email with support staff if that would help
Not sure if it helps but when we setup access from a web app once a user has manually logged in you can store the OAuth token and then when it expires just refresh it. So after the initial manual login the process should be able to run unattended.
Not sure if SSO throws a spanner in the works though. I can post some code if it'll help?
Actually I need to think about this and just about to head out so will post some code tomorrow but the issue is we use a redirect back to our website (you need this redirect for the OAuth to work) then once we have the OAuth JSON data we store that in a DB and then console based apps can use it. Not sure whether you can create a small webapp just to handle the initial authorisation to get the JSON token?
PS: Not sure if you can use curl to get the JSON token, well I know you can, but not sure if that gives you the refresh token, can't remember off the top of my head!
Password Authentication: Requires the consumer perform ShareFile account discovery, which is not currently documented. In order to complete this authentication the consumer will must know
applicationControlPlane. In the sample below, these are assumed to have been obtained already.
var sfClient = new ShareFileClient("https://secure.sf-api.com/sf/v3/"); var oauthService = new OAuthService(sfClient, "[clientid]", "[clientSecret]"); var oauthToken = await oauthService.PasswordGrantAsync(username, password, subdomain, applicationControlPlane); sfClient.AddOAuthCredentials(oauthToken); sfClient.BaseUri = oauthToken.GetUri();
If you have a user in ShareFile whose credentials you can use to connect then you can create an OAuth key - https://api.sharefile.com/rest/oauth2-request.aspx and then use the aforementioned user to upload the files.
If this isn't doable because you don't have said user and SSO prevents this then you could go down the approach of creating a small web app with a single page that uses the web based authorisation pop up then stores the OAuth token as JSON somewhere central.
The console app can then use that by converting the JSON into a valid token and it can silently refresh the token if it expires so you'd only need to run the web app once or again if the user you use revokes the OAuth permissions.
I can potentially help you with this (web app approach) if you get stuck but as my delayed response implies I'm rather busy currently!
(NB: From memory "state" is meant to be something more secure :-)
Subdomain is whatever your sharefile site subdomain is
Apologies if I've missed anything below just heading out!
curl -X POST "https://<SUBDOMAIN>.sharefile.c..." -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=authorization_code&code=<CODE>&client_id=<CLIENTID>&client_secret=<CLIENTSECRET>"
and after 8 hours to refresh: (Don't refresh early it will fail and break your existing token)
curl -X POST "https://<SUBDOMAIN>.sharefile.c..." -H "Content-Type: application/x-www-form-urlencoded" -d "grant_type=refresh_token&refresh_token=<REFRESHTOKENFROMORIGINALREQUEST>&client_id=<CLIENTID>&client_secret=<CLIENTSECRET>"
Hoping the copy and paste hasn't broken some links if so will check later when I get time and fix if its not enough to get you going