Earlier last year, I blogged about a way to mimic oAuth using HTTP Client. But it is of no use because the package HTTPClient is retired from Calgary. Also, we aren't using the Service Now features to do the same. Henceforth, I came up with a another way to do oAuth authentication for GotoMeeting.

Again this might be a repetition of a post that I made long back, but don't seem to find that post. Also this isn't packaged well as the main goal of this post isn't re-usability, but to go over some details of oAuth.

Google, Twitter, Github, GotoMeeting and many others will follow a slightly different way to do a oAuth 2.0 authentication. I will slowly start adding more methods to this script soon for other websites too.

Philosophy of this Script Include:

1. Never use any Package code, unless absolutely necessary. Always use any Service Now OOB functionality if available.

That's the only rule this Script Include and it's corresponding code will abide by.

Before I start with the code, I will explain oAuth 2.0 for GotoMeeting in a nutshell:

1. From service now, redirect the user to the Citrix site, where the user will authenticate the third party( here it's service now)

2. Once the user authenticates, Citrix can redirect back to a Service Now URL where in it appends something called [code] code[/code]. We need to exchange this `code` to a Authorization code, with which you will do all your other calls.

3. Store the Authorization code somewhere, so that you can make subsequent calls until it expires.

Before you do any of this, you need to register yourself on the Citrix Developer site for a Developer Key, that you will use so that Citrix identifies your application. Also create an App.

Let's first prepare the URL that you need to point the user to, the below piece of code will do that :

_gotoCall:function(){

              //Some common variables.

              var developer_key = 'dce44dd4d7c3d5153a9342e81b7df08c';

              var URL = '

              //Goto meeting's oAuth can be summarised this way.

              //1. Point the user's browser to the link upon which you will receive a code.

              //2. The code should be exchanged to a Access token

              //Check if the user already has a access token for GOTOMeeting

              var grOAuth   = new GlideRecord("u_oauth_token_info");

              grOAuth.addQuery("u_user",gs.getUserID());

              grOAuth.addQuery("state","valid");

              grOAuth.query();

              //We already have a User and his payload. Hence we don't do the calls again, until the access is

              //revoked. This will not be handles in this Script Include. As we only do oAuth.

              if(grOAuth.next()){

                      //if there is already an access token return JSON object which can be used for furthur calls.

                      return grOAuth.u_payload;

              }

              else{

                      //return the URL - and point it to browser.

                      //responsibilty of the code to check if it has a [https://](https://community.servicenow.com/) and decide if it's a JSON object

                      //or URL

                      //A redirect URL need to be specified like this : https://api.citrixonline.com/oauth/authorize?client%5Fid={api_key}&redirect_uri={redirect}

                      var redirect_uri = '

                      redirect_uri = redirect_uri+"&sysparm_client=goto_meeting"+"&sysparm_userID="+this.user_id;

                      var finalURL = URL+'&redirect_uri='+redirect_uri;

                      if(this.enable_log) this.log("The URL being sent to Citrix "+finalURL);

                              return finalURL;

              }

      },

      gotoExchange:function(){

              var developer_key = 'dce44dd4d7c3d5153a9342e81b7df08c';

              var grOAuth   = new GlideRecord("u_oauth_token_info");

              grOAuth.addQuery("u_user",gs.getUserID());

              grOAuth.addQuery("state","valid");

              grOAuth.query();

              //We already have a User and his payload. Hence we don't do the calls again, until the access is

              //revoked. This will not be handles in this Script Include. As we only do oAuth.

              if(grOAuth.next()){

                      var r = new RESTMessage('GoTo Meeting', 'get');

                      r.setStringParameter('code',grOAuth.u_code);

                      r.setStringParameter('client_id',developer_key);

                      var response = r.execute();

                      gs.log(response.getBody());

                      if(response.haveError()){

                              grOAuth.u_payload   = response.getBody();

                      }

                      else{

                              var payload = response.getBody();

                              grOAuth.u_payload = payload;

                              var expiryTime = new JSON().decode(payload)['expires_in'];//stores the expiry for this token in seconds.

                              var hours = (0.000277778 * expiryTime)/24;

                              var days = -1*hours;

                              grOAuth.setValue('u_expiry_date',gs.daysAgo(days));

                      }

                      grOAuth.update();

              }

      },

      log:function(value){

              gs.log("Logging from oAuth 2.0" + value);

      }

};

Usage:

First call,

var payload = new OAuth('goto_meeting',true).execute();

if(payload.indexOf('https://') > -1){ // we have a URL

// redirect the user.

}

else{

//use the payload.

|payload| gives the JSON object, which you can process and exteact the |authorization code|

}

If the user is redirected, then an entry will be made in the intermediate table. Once that is done, run this:

new OAuth().gotoExchange(); // This should give you the Payload which has |Authorization code|

Another oAuth library ( for twitter ) by Andrew Venables is here : ServiceNow Share

Thanks

To jimmy.yuan for being a Dronacharya to an Ekalavya.