Knowledge of OAuth2.0
Create application
- New application
Access samples (Python+django)
- Environmental preparation:

index.html

There are two ways:
- Mode 1: the user authorizes the access, so the caller does not need to know the user's SF user name and password
- Mode 2: obtain authorization directly with a user name and password

```html
Method 1: user authorization is required<br/>
<a href="...">Get code</a><br/><br/>
Method 2: use password method<br/>
<a href="/sfapp/pwdOAuth">Username-Password OAuth</a><br/><br/>
Method 3: refresh<br/>
<a href="/sfapp/refreshToken">refreshToken</a><br/><br/>
```

Mode 1: user authorization required
- When the user clicks "Get code", the SF login page appears first, followed by a prompt asking whether to allow access. Once access is allowed, SF redirects to the callback URL with the code appended: http://localhost:8000/xxx?code=xxxxxxxxxxxxx
- Then call the SF authorization interface with the code to exchange it for an Access Token
- With the Access Token, call the query interface to query customers
- This method is commonly used by SF tools that need to access Org data
- The returned data structure is as follows:
- With the access_token, you can access SF data (provided that you are authorized to create an App)
- Code example

```python
import requests
from django.shortcuts import render


def callBack(request):
    # 1. Get the code from the GET request
    code = request.GET['code']
    # Custom identification field; SF returns it as is
    # (.get avoids an exception when the parameter is absent)
    state = request.GET.get('state')
    # Mode 1: the user authorizes first, then the access_token is obtained with the code
    head = {
        'code': code,
        'grant_type': 'authorization_code',
        'client_id': '',
        'redirect_uri': 'http://localhost:8000/sfapp/callBack',
        'client_secret': ''
    }
    r = requests.post('https://login.salesforce.com/services/oauth2/token', data=head)
    request.session['sfInfo'] = r.json()
    return render(request, 'sfapp/callBack.html', {'result': request.session['sfInfo']})


def getAccountList(request):
    sf_info = request.session.get('sfInfo')
    url = sf_info.get('instance_url') + '/services/data/v44.0/query/'
    auth = {'Authorization': 'Bearer %s' % sf_info.get('access_token')}
    # Pass the SOQL query as a parameter so requests URL-encodes it
    r = requests.get(url, headers=auth, params={'q': 'SELECT name,Id from Account'})
    result = r.json()
    records = result['records']
    return render(request, 'sfapp/accountList.html', {'records': records})
```

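
The callBack view above reads `state` but never compares it with anything, so a callback carrying someone else's code would be accepted. As an added example (not code from the original post), this shows one way to issue a per-session state for the "Get code" link and check it before the code is exchanged; the helper names and session key are assumptions, and a plain dict stands in for `request.session` and `request.GET`.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Salesforce authorization endpoint (counterpart of the token endpoint used on this page)
AUTHORIZE_URL = "https://login.salesforce.com/services/oauth2/authorize"
SESSION_KEY = "oauth_state"  # assumed session key name


def build_authorize_url(session, client_id, redirect_uri):
    """Store a fresh random state in the session and return the login URL."""
    state = secrets.token_urlsafe(32)
    session[SESSION_KEY] = state
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    })
    return AUTHORIZE_URL + "?" + query


def code_from_callback(session, params):
    """Return the code only when the callback state matches this session."""
    expected = session.pop(SESSION_KEY, None)  # single use: a replay finds nothing
    received = params.get("state")
    if not expected or not received:
        raise ValueError("missing state")
    if not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch")
    if params.get("error"):
        raise ValueError("authorization failed: " + params["error"])
    code = params.get("code")
    if not code:
        raise ValueError("missing code")
    return code


if __name__ == "__main__":
    session = {}  # constructed stand-in for request.session
    url = build_authorize_url(session, "CLIENT_ID", "http://localhost:8000/sfapp/callBack")
    good = {"code": "constructed-code", "state": session[SESSION_KEY]}
    print(code_from_callback(session, good))
    try:
        code_from_callback(session, good)  # same callback replayed
    except ValueError as exc:
        print("rejected:", exc)
```
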
Mode 2: authorization by user name and password
- This method needs only one call: the user name and password are exchanged for the Access Token
- This method is often used in system API integration

```python
def pwdOAuth(request):
    head = {
        'grant_type': 'password',
        'client_id': '',
        'redirect_uri': 'http://localhost:8000/sfapp/callBack',
        'client_secret': '',
        'username': '',
        'password': ''
    }
    url = 'https://login.salesforce.com/services/oauth2/token'
    r = requests.post(url, data=head)
    result = r.json()
    request.session['sfInfo'] = result
    return render(request, 'sfapp/callBack.html', {'result': request.session['sfInfo']})
```

Refresh Token
- When the authorization expires, obtain a new Access Token through the refresh token
- Password mode returns no refresh token; a refresh token is issued only in mode 1
- The response to a refresh request contains a new Access Token but no refresh token

```python
def refreshToken(request):
    sf_info = request.session.get('sfInfo')
    rt = sf_info.get('refresh_token')
    head = {
        'grant_type': 'refresh_token',
        'refresh_token': rt,
        'client_id': '',
        'redirect_uri': 'http://localhost:8000/sfapp/callBack',
        'client_secret': '',
        'format': 'json'
    }
    url = 'https://login.salesforce.com/services/oauth2/token'
    r = requests.post(url, data=head)
    result = r.json()
    # The refresh response carries no refresh_token, so merge it into the stored
    # data instead of overwriting it; otherwise the next refresh would fail
    sf_info.update(result)
    request.session['sfInfo'] = sf_info
    return render(request, 'sfapp/callBack.html', {'result': result})
```