BookmarkSubscribeRSS Feed
WaelAburezeq
Obsidian | Level 7

Hi folks,

 

I am referring to a Webinar published on 6th of May titled "Using SAS® APIs" at this URL: https://www.sas.com/en_us/webinars/using-sas-apis.html

 

I downloaded the PostMan json file and imported it, I am much concerned about Create CAS Session --> Pre-request Scripts. What do these three variables , in the following script, refer to:

 

Variable #1: "token_url": Is this the URL used to access SAS? or the Client.Token?

Variable #2: "encoded_id_secret" Is this the client.token, client_id, client_secret; or What???

Variable #3: "OAUTH_USERNAME" Is this the LDAP username that already have access to SAS VIYA?

 

 
pm.sendRequest({
    url: pm.environment.get("token_url")+"/SASLogon/oauth/token",
    method: 'POST',
    header: {
        'Authorization': 'Basic '+ pm.environment.get("encoded_id_secret"),
        'Accept': 'application/json',
        'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: {
          mode: 'urlencoded',
          urlencoded: [
            {key: "grant_type", value: "password", disabled: false},
            {key: "username", value: pm.environment.get("OAUTH_USERNAME"), disabled: false},
            {key: "password", value: pm.environment.get("OAUTH_PASSWORD"), disabled: false}
        ]
    }
  }, function (err, res) {
        pm.environment.set("authToken", res.json().access_token);
});

Thank you,

 

 

 

9 REPLIES 9
AllanBowe
Barite | Level 11

Variable 1 (token_url) -> this is simply the url of your SAS Viya Server.  If you are running directly on Viya, this would / could be "localhost.  Postman just needs to be able to find "/SASLogon" here.

Variable 2 (encoded_id_secret) - this is the base64 encoded output from "${CLIENT_ID}:${CLIENT_SECRET}"  (Basic Authentication).  So, client_id + ":" + client_secret, base64 encoded.  There are online generators to help you create this, eg:  https://www.blitter.se/utils/basic-authentication-header-generator/

Variable 3 (OAUTH username / password) - this is the regular username / password you use to log into Viya.

 

Hope this helps.  By the way, this approach (with embedded username / password) is known as "implicit" flow.  The alternative (authorization_code)  is quite similar - this article may help: https://communities.sas.com/t5/SAS-Communities-Library/Token-Management-in-HTML5-Viya-Apps/ta-p/6523... 

/Allan
SAS Challenges - SASensei
MacroCore library for app developers
SAS networking events (BeLux, Germany, UK&I)

Data Workflows, Data Contracts, Data Lineage, Drag & drop excel EUCs to SAS 9 & Viya - Data Controller
DevOps and AppDev on SAS 9 / Viya / Base SAS - SASjs
WaelAburezeq
Obsidian | Level 7

Thank you Allan for your prompt response, it is highly appreciated.

 

One more clarification, I already registered the client and assigned a client secret using this script:

 

curl -X POST "https://localhost/SASLogon/oauth/clients" \ 
-H "Content-Type: application/json" \
-H "Authorization: Bearer $access_token" \
-d '{ "client_id": "app", "client_secret": "cs123secret", "scope": ["openid"], "authorized_grant_types": ["password"], "access_token_validity": 43199 }'

$access_token is coming from a script executed based on client.token file in SAS server.

 

My question is with regards to the variable #2: encoded_id_secret Should I just define it as app:cs123secret  and it will generate the token that I will use the get method later to continue with?

AllanBowe
Barite | Level 11
You should take the "app" and "cs123secret" and base64 encode (eg using a site like this - https://www.blitter.se/utils/basic-authentication-header-generator/) and use the result, eg: "YXBwOmNzMTIzc2VjcmV0" in your variable.
/Allan
SAS Challenges - SASensei
MacroCore library for app developers
SAS networking events (BeLux, Germany, UK&I)

Data Workflows, Data Contracts, Data Lineage, Drag & drop excel EUCs to SAS 9 & Viya - Data Controller
DevOps and AppDev on SAS 9 / Viya / Base SAS - SASjs
WaelAburezeq
Obsidian | Level 7

Hi Allan,

 

There is one final thing as follow:

 

I am able to a get an access token anytime using this command on shell

 

 

curl -k -X POST "https://aeadsaswf01-afs.adfca.ae/SASLogon/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=password&username=wael.k.aburizq&password=Password1" \
-u "mysasclient:Mysecret"

However, this postman pre-request script is not working knowing that "bXlzYXNjbGllbnQ6TXlzZWNyZXQ=" is coming from basic-authentication-header-generator  for the above client_id and secret in the "u"

pm.sendRequest({
    url: "https://aeadsaswf01-afs.adfca.ae/SASLogon/oauth/token",
    method: 'POST',
    header: {
        'Authorization': 'Basic '+ "bXlzYXNjbGllbnQ6TXlzZWNyZXQ=",
        'Accept': 'application/json',
        'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: {
          mode: 'urlencoded',
          urlencoded: [
            {key: "grant_type", value: "password", disabled: false},
            {key: "username", value: pm.environment.get("OAUTH_USERNAME"), disabled: false},
            {key: "password", value: pm.environment.get("OAUTH_PASSWORD"), disabled: false}
        ]
    }
  }, function (err, res) {
        pm.environment.set("authToken", res.json().access_token);
});

 

 

The error is:

There was an error in evaluating the Pre-request Script:  Error: Unexpected token u in JSON at position 0

 

AllanBowe
Barite | Level 11

Strange.  I wonder if there's something preventing implicit flow in your Environment Manager setup.

 

If you have the admin rights, you could get yourself a token using SASStudioV, just step through the following:

 

/*compile macros from macrocore library (or download and run seperately) */
filename mc url "https://raw.githubusercontent.com/macropeople/macrocore/master/mc_all.sas?_=3";
%inc mc;

/* register new client with random cliend_id & secret */
%mv_registerclient()

/* take the link from the log above, and open it in a browser */
/* then paste the auth code in the macro below and run it */
 %mv_tokenauth(code=LD39EpalOf)

This will give you an access_token and refresh_token suitable for an authorization_code approach as described here: https://communities.sas.com/t5/SAS-Communities-Library/Token-Management-in-HTML5-Viya-Apps/ta-p/6523...

/Allan
SAS Challenges - SASensei
MacroCore library for app developers
SAS networking events (BeLux, Germany, UK&I)

Data Workflows, Data Contracts, Data Lineage, Drag & drop excel EUCs to SAS 9 & Viya - Data Controller
DevOps and AppDev on SAS 9 / Viya / Base SAS - SASjs
WaelAburezeq
Obsidian | Level 7

I see,

 

but the idea behind is that I will embed a REST API for a ML model into one of the local systems. This API needs an access token before it is executed, so I need to keep passing active tokens in the requests.

 

I hope I was able to make it more clear now

joeFurbee
Community Manager

@WaelAburezeq,

Can you provide the results of the "Code" output from Postman and the Postman Console contents for this call?


Join us for SAS Community Trivia
SAS Bowl XLIII, The New SAS Developer Portal
Wednesday, August 14, 2024, at 10 a.m. ET | #SASBowl

WaelAburezeq
Obsidian | Level 7

This is the result from Postman, I just want to highlights some points:

1- The URL variable won't work unless it is added to current not only initial value in the environment variable.

2- Switching SSL off in the settings 

 

Here is the output results, it also set the access id token <authToken> environment variable as per the code.

curl --request POST 'https://aeadsaswf01-afs.adfca.ae/casManagement/servers/cas-shared-default/sessions' \
--header 'Content-Type: application/vnd.sas.cas.session+json' \
--header 'Authorization: Bearer eyJhb...............'

The output console:

 

Host name is mandatory (although it is not mentioned in the code above), I chose to set it manually.

 
Request Headers
Content-Typeapplication/vnd.sas.cas.session+json
AuthorizationBearer eyJh...........
User-AgentPostmanRuntime/7.25.0
Accept*/*
Hostaeadsaswf01-afs.adfca.ae
Accept-Encodinggzip, deflate, br
Connectionkeep-alive
Content-Length0
 

 

 

 

 

joeFurbee
Community Manager

Hi @WaelAburezeq

Were you ever able to get the pre-req script to run? I copied the JSON you provided in an earlier comment and was able to get an access token. Perhaps there is a stray character in your pm.sendRequest JSON that is causing the ' Error: Unexpected token u in JSON at position 0' error. The 'u' in the error represents undefined, which normally indicates a parsing error with the JSON code.

Thanks,

Joe


Join us for SAS Community Trivia
SAS Bowl XLIII, The New SAS Developer Portal
Wednesday, August 14, 2024, at 10 a.m. ET | #SASBowl

SAS Innovate 2025: Save the Date

 SAS Innovate 2025 is scheduled for May 6-9 in Orlando, FL. Sign up to be first to learn about the agenda and registration!

Save the date!

How to Concatenate Values

Learn how use the CAT functions in SAS to join values from multiple variables into a single value.

Find more tutorials on the SAS Users YouTube channel.

SAS Training: Just a Click Away

 Ready to level-up your skills? Choose your own adventure.

Browse our catalog!

Discussion stats
  • 9 replies
  • 7600 views
  • 0 likes
  • 3 in conversation