DataConnector
In This Topic
    OAuth Authorization
    In This Topic

    OAuth is an open-standard authorization protocol that creates a platform for unlinked servers and services to allow authenticated access to the data sources without sharing private credentials. OAuth is used in a wide variety of applications for user authentication.

    In OAuth, the client requests access to resources controlled by the resource owner and hosted by the resource server, and is issued a different set of credentials than those of the resource owner to access the data.

    DataConnector facilitates OAuth, currently by supporting password credentials and client credentials grant type. It can be implemented by setting the following attributes for the connection string used for setting up the connection.

    Property Description
    OAuth Scope The scope for the OAuth 2.0 authentication request.
    OAuth Refresh Token OAuth 2.0 refresh token to be used for the authentication. Access token credentials must be kept confidential in transit and storage.
    OAuth Access Token The OAuth 2.0 access token to be used for the authentication. Access token credentials must be kept confidential in transit and storage.
    OAuth Token Endpoint OAuth 2.0 token endpoint to be used for the authentication.
    OAuth Client Secret The secret of the OAuth 2.0 Client to be used for the authentication.
    OAuth Client Id The id of the OAuth 2.0 Client to be used for the authentication. The client identifier issued to the client during the registration process.
    OAuth Extend Properties This is designed to support any custom information users want to add to the connection string so that our library can obtain access token properly. It is not needed with OData server.

    The DataConnector API automatically generates OAuthAccessToken and OAuthRefreshToken using connection string. The auto generated access token and refresh token are directly consumed by the connection to provide secured access to fetch data from resource server.

    In the code example below, the password credentials are passed in the connection string. The values are retrieved by accessing the data using Username and Password credentials provided by the resource owner to the client.

     These properties can also be set using the properties of C1OdataConnectionstringBuilder and C1D365SConnectionstringBuillder classes.

    const string urlDynamics = @https://xxx.xxx.xxx.xxx.com/api/data/v9.1/;
    const string username = "";
    const string password = "";
    const string tokenEnpoint = @"https://login.microsoftonline.com/common/oauth2/token";
    const string extendProperties = @"{""resource"":""https://xxx.xxx.xxx.com/""}"; 
    //Password credential in connection string
    string connstr = $@"Url={urlDynamics};Use Cache=true;Use Etag=true;Username={username};Password={password};OAuth Token Endpoint={tokenEnpoint};OAuth Extend Properties={extendProperties};Max Page Size = 100";
    using (var con = new C1D365SConnection(connstr))//Creating Connection using connection string as parameter
    {
      //Open connection
      con.Open();
      //Create Command
      var cmd = con.CreateCommand();
      cmd.CommandText = "Select  accountid, name  FROM Accounts limit 10'";
      //Executing Reader
      var rdr = cmd.ExecuteReader();
      //Dispalaying Data using Reader Object
      while (rdr.Read())
      {
        Console.WriteLine(String.Format("\t{0} --> \t\t{1}", rdr["accountid"], rdr["name"]));
      }
    }
    

    The same can be achieved through passing client credentials in the connection string as shown in below code example. The values are retrieved by accessing the data using OAuthClient Id and OAuthClientSecret credentials provided by the resource owner to the client.

    const string urlDynamics = @https://xxx.xxx.xxx.xxx.com/api/data/v9.1/;
    const string ClientSecret = ""
    const string clientID = "";
    const string tokenEnpoint = @"https://login.microsoftonline.com/common/oauth2/token";
    const string extendProperties = @"{""resource"":""https://xxx.xxx.xxx.com/""}";
    //Client credential in connection string
    string connstr = $@"Url={urlDynamics};Use Etag=true;OAuth Client Id={clientID};OAuth Client Secret={cllentSecret};OAuth Token Endpoint={tokenEnpoint};OAuth Extend Properties={extendProperties};Max Page Size = 100";
    

    If user already has AccessToken and RefreshToken details, the below connection string can be used. This way, user doesn't have to obtain the token and can connect directly using provided token.

    const string urlDynamics = @"https://xxx.xxx.xxx.xxx.com/api/data/v9.1/";
    const string accessToken = @"<real access token>";
    const string clientID = "";
    const string cllentSecret = "";
    const string refreshToken = "<real refresh token>";
    const string tokenEnpoint = @"https://login.microsoftonline.com/common/oauth2/token";
    
    static string connstr = $@"Url={urlDynamics};OAuth Access Token={accessToken};OAuth Refresh Token={refreshToken};OAuth Client Id={clientID};OAuth Client Secret={cllentSecret};OAuth Token Endpoint={tokenEnpoint};Use Etag=true;Use Connection Pooling=true";