CODEWITHSUNDEEP
oracle-databaseplsqlshopwareutl-http
feddoh
feddoh

Reputation: 31

oracle utl_http rest call on shopware 6 admin-api?

I am confused about utl_http and oauth authentication with shopware 6. I undestand I have to obtain a token, which has to be used in futher requests. With all efforts I am getting the answer: "The authorization grant type is not supported by the authorization server".

There is tons of info on this issue but very little with utl_http - so i wonder if utl_http is comaptible with shopware anyway. Does anybody have a hint for me? thanks in advance!

  l_req   UTL_HTTP.req;
  l_resp  UTL_HTTP.resp;
  l_text  VARCHAR2(32767);

  begin
    -- setting the Wallet works - ACL is also set up properly! 
    utl_http.set_wallet('[wallet_file]','[wallet_pwaasword]');

    l_req  := UTL_HTTP.begin_request([my-shopware-url.de]/api/oauth/token], 'POST', 'HTTP/1.1');

    utl_http.set_header(l_req, 'content-type', 'application/json'); 
    utl_http.set_header(l_req, 'Accept', 'application/json'); 
    utl_http.write_text(l_req,'{
                                "grant_type": "client_credentials",
                                "client_id": "[my-client-id]",
                                "client_secret": "[my-client-secret]"
                               }');

    l_resp := utl_http.get_response(l_req);

    utl_http.read_text(l_resp, l_text, 32766);
    DBMS_OUTPUT.put_line (l_text); -- "The authorization grant type is not supported by the authorization server".

    -- once the token is obtained, I would set the token in the header for the next request
    utl_http.set_header(l_req, 'sw-access-key', [TOKEN]); 
    utl_http.write_text(l_req,'[REQUEST-BODY]');
    l_resp := utl_http.get_response(l_req);

   utl_http.end_response(l_resp);
 end;

Upvotes: 2

Views: 1346

Answers (2)

Alex
Alex

Reputation: 34958

I have no idea about Oracle, but more about Shopware :-)

Which exact Shopware version or you on? I would suggest to first test with the curl command below to see if the request works, if it does, something in the construction of the request by Oracle is causing the problem.

  1. Please create an integration and obtained client_id (access key ID in the screenshot) and client_secret (via Settings -> System -> Integration). Your normal admin panel user and password is not to be used here. And would cause the described error message

Create integration

  1. this command returns a token

     curl 'https://shopware-url.example.com/api/oauth/token'  -H 'Accept: application/json'  -H 'Content-Type: application/json'   --data '{
     "grant_type": "client_credentials",
     "client_id": "SWxxxxxxxxxxxxxxxxxxxx",
     "client_secret": "xxxxxxxxxxxxxxxxxxxxxxxx"
   }'

I believe your client_id would also start with "SW".

If this is not working, something is wrong on the Shopware side.

If you have a chance to use Xdebug, you might want to debug set a breakpoint at the function

\League\OAuth2\Server\AuthorizationServer::respondToAccessTokenRequest (file: vendor/league/oauth2-server/src/AuthorizationServer.php)

Or you insert debug code like this:

public function respondToAccessTokenRequest(ServerRequestInterface $request, ResponseInterface $response)
{
    var_dump(array_keys($this->enabledGrantTypes)); die();

This should print

array(3) {
   [0]=>
   string(8) "password"
   [1]=>
   string(13) "refresh_token"
   [2]=>
   string(18) "client_credentials"
}

Upvotes: 2

Thomas Carlton
Thomas Carlton

Reputation: 5958

utl_http is a low level tool to make REST requests. It will definitly work but you have to figure it out. I have always struggled with it.

Here you are sending some parameters as a json text:

utl_http.write_text(l_req,'{
                            "grant_type": "client_credentials",
                            "client_id": "[my-client-id]",
                            "client_secret": "[my-client-secret]"
                           }');

I doubt this will work...

What about using apex_web_service.make_rest_request as an alternative ?

Here is an example :

declare
    URL varchar2(1000) := EndPoint || Command;  -- for example : EndPoint : [shop.example.com] and Command : [/api/product/b7d2554b0ce847cd82f3ac9bd1c0dfad]
    MyParameters varchar2(1000) := 'param1:param2...';
    MyParametersValues varchar2(1000) := 'value1:value2...';
    StatusCode number;
    Output clob;        
begin
    -- Clear headers
    apex_web_service.g_request_headers.delete();

    -- Add your headers here
    for i in 1..n
    loop 
        apex_web_service.g_request_headers(i).name := 'whatever';
        apex_web_service.g_request_headers(i).value := 'whatever';
    end loop;

    -- Make Rest Request
    Output := apex_web_service.make_rest_request(
                                p_url => URL,
                                p_http_method => 'POST or GET or DELETE...',
                                p_parm_name => apex_util.string_to_table(MyParameters),         
                                p_parm_value => apex_util.string_to_table(MyParametersValues));                                 

    -- Get the status code to check the result of the rest request
    StatusCode := apex_web_service.g_status_code; 
    return Output or StatusCode or whatever you want;
end;

I have no idea what shopware is but If you want to send grant_type, client_id and client_secret, you can either try send them in Headers. It this doesn't work, you can send them in parameters. One of them will work.

Upvotes: 1

Related Questions