catch a token thanks to a js policy

Google Cloud Apigee
1

Hello

I have a terrible issue.

I try to send a POST (thanks to a javascript policy) for catching a token.

I think the problem is on the request :

Request(catalogApi.authUrl, “POST”, headers,“{”+ queryObj + “}”);

but impossible to find the good syntax.

And i have all the time this error : org.mozilla.javascript.Undefined@0

Many thanks in advance

/*creation of the variables for the header and the body*/ 
var headers = 
{  
'Content-Type' : 'application/json',  
'Authorization': 'Basic ' + base64ClientIdSecret 
}, 
queryObj = 
{  
'grant_type': catalogApi.grantType,  
'username': catalogApi.username,  
'password': catalogApi.password 
}; 

var req = new Request(catalogApi.authUrl, "POST", headers,"{"+ queryObj + "}");  
var exchange =httpClient.send(req);  

if (exchange.isSuccess()) 
{  var responseObj =exchange.getResponse().content.asJSON; 

var s = JSON.stringify(responseObj, replacer); 
context.setVariable("token_response",s);…
2

I think you want something like this:

/*creation of the variables for the header and the body*/
var headers = {
      'Content-Type' : 'application/json',
      'Authorization': 'Basic ' + base64ClientIdSecret
    },
    payload = {
      grant_type: catalogApi.grantType,
      username: catalogApi.username,
      password: catalogApi.password
    };

function onComplete(response, error) {
  if (response) {
    context.setVariable('example.status', response.status);
  }
  else {
    context.setVariable('example.error', 'Whoops: ' + error);
  }
}

payload = JSON.stringify(payload);
var req = new Request(catalogApi.authUrl, 
                      'POST', 
                      headers, 
                      payload);

httpClient.send(req, onComplete);

You can see I use JSON.stringify() to produce the payload body. This makes sense if the content-type is application/json.

Also note that I used the callback form of the httpClient.send() function. Recommended over waitForComplete().

You need to take care. It looks like you’re invoking an Oauth v2.0 /token endpoint, and passing a JSON payload. Some /token endpoints might accept that, and some might not. Many of them accept only application/x-www-form-urlencoded payloads. If that is the case, then you would need to serialize the payload differently and use a different content-type header. Something like this:

var headers = {
      // 'Content-Type' : 'application/json',
      'Content-Type' : 'application/x-www-form-urlencoded',
      'Authorization': 'Basic ' + base64ClientIdSecret
    },
  
   ...
// payload = JSON.stringify(payload);
payload = Object.keys(payload)
          .map(function(key) { 
             return key + '=' + encodeURIComponent(payload[key]);
          })
          .join('&');

var req = new Request(catalogApi.authUrl, 
                      'POST', 
                      headers, 
                      payload);
...
3

thank you so much. It is exactly the explaination that i will expect.