It's all about the answers!

Ask a question

How to call OSLC API without using user id and password?


Tadahiro Hara (904) | asked Mar 03 '20, 3:25 a.m.
Question
How to call OSLC API without using user id and password.

Background
We would like to call OSLC API without using user id and password.
It is because we need to avoid using password to follow our security policy when calling OSLC API.

One answer



permanent link
Tadahiro Hara (904) | answered Mar 03 '20, 3:29 a.m.
edited Mar 03 '20, 3:35 a.m.
I found the way to call OSLC API without user id and password.

Please look the following sample.
https://github.com/OSLC/lyo-samples
Two-legged OAuth Sample



The example of the result is the following.
GET https://local.jkebanking.net/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/1
Authorization: OAuth oauth_token="", oauth_consumer_key="187d851a1ecc4daeb6bcce7122151d14", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1583219842", oauth_nonce="1106358187910800", oauth_version="1.0", oauth_signature="lPTNgP8%2FSVb1lYwjEePEZIxpKrY%3D"

HTTP/1.1 200 OK
Date: Tue, 03 Mar 2020 07:17:24 GMT
X-Powered-By: Servlet/3.0
Strict-Transport-Security: max-age=31536000
ETag: "5fd414fe-462b-311c-b88c-6e4b147278c6"
Last-Modified: Tue, 08 Oct 2019 07:24:19 GMT
Expires: Tue, 03 Mar 2020 07:17:24 GMT
OSLC-Core-Version: 2.0
Vary: Accept,OSLC-Core-Version
Set-Cookie: JSESSIONID=0000ZqQpsii2HajnEM3SrbYgjRN:5f941c41-44d7-4f23-8125-2e6f1daf1222; Path=/; Secure; HttpOnly
Cache-Control: private, must-revalidate, max-age=0, no-cache=set-cookie
Keep-Alive: timeout=10, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/rdf+xml;charset=UTF-8
Content-Language: ja-JP

<rdf:RDF
xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
xmlns:dcterms="http://purl.org/dc/terms/"
xmlns:rtc_ext="http://jazz.net/xmlns/prod/jazz/rtc/ext/1.0/"
xmlns:oslc="http://open-services.net/ns/core#"
xmlns:acp="http://jazz.net/ns/acp#"
xmlns:oslc_cm="http://open-services.net/ns/cm#"
xmlns:oslc_cmx="http://open-services.net/ns/cm-x#"
xmlns:oslc_pl="http://open-services.net/ns/pl#"
xmlns:acc="http://open-services.net/ns/core/acc#"
xmlns:rtc_cm="http://jazz.net/xmlns/prod/jazz/rtc/cm/1.0/"
xmlns:process="http://jazz.net/ns/process#" >
<rdf:Description rdf:about="https://local.jkebanking.net/ccm/resource/itemName/com.ibm.team.workitem.WorkItem/1">
<oslc_cmx:project rdf:resource="https://local.jkebanking.net/ccm/oslc/projectareas/_IH1G4TMdEemPEpj6Q2FHPw"/>
<rtc_cm:progressTracking rdf:resource="https://local.jkebanking.net/ccm/oslc/workitems/_O78fNzMdEemPEpj6Q2FHPw/progressTracking"/>
<rdf:type rdf:resource="http://open-services.net/ns/cm#ChangeRequest"/>
<rtc_cm:timeSheet rdf:resource="https://local.jkebanking.net/ccm/oslc/workitems/_O78fNzMdEemPEpj6Q2FHPw/rtc_cm:timeSheet"/>
<oslc_cm:inprogress rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:inprogress>
<oslc:shortId rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1</oslc:shortId>
<dcterms:type rdf:datatype="http://www.w3.org/2001/XMLSchema#string">障害</dcterms:type>
<oslc_cm:reviewed rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:reviewed>
<oslc:instanceShape rdf:resource="https://local.jkebanking.net/ccm/oslc/shapes/workitems/_O78fNzMdEemPEpj6Q2FHPw"/>
<dcterms:creator rdf:resource="https://local.jkebanking.net/jts/users/deb"/>
<oslc_cm:closed rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:closed>
<oslc_pl:schedule rdf:resource="https://local.jkebanking.net/ccm/oslc/workitems/_O78fNzMdEemPEpj6Q2FHPw/schedule"/>
<oslc_cm:status rdf:datatype="http://www.w3.org/2001/XMLSchema#string">新規</oslc_cm:status>
<dcterms:subject rdf:datatype="http://www.w3.org/2001/XMLSchema#string">値, ウェアハウス, インストール</dcterms:subject>
<acc:accessContext rdf:resource="https://local.jkebanking.net/ccm/acclist#_IH1G4TMdEemPEpj6Q2FHPw"/>
<dcterms:identifier rdf:datatype="http://www.w3.org/2001/XMLSchema#string">1</dcterms:identifier>
<dcterms:modified rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2019-10-08T07:24:19.150Z</dcterms:modified>
<rtc_cm:due rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2019-10-10T01:00:00.000Z</rtc_cm:due>
<acp:accessControl rdf:resource="https://local.jkebanking.net/ccm/oslc/access-control/_IH1G4TMdEemPEpj6Q2FHPw"/>
<rtc_cm:resolvedBy rdf:resource="https://local.jkebanking.net/jts/users/unassigned"/>
<rtc_cm:type rdf:resource="https://local.jkebanking.net/ccm/oslc/types/_IH1G4TMdEemPEpj6Q2FHPw/defect"/>
<rtc_cm:repository rdf:resource="https://local.jkebanking.net/ccm/oslc/repository"/>
<oslc_cmx:priority rdf:resource="https://local.jkebanking.net/ccm/oslc/enumerations/_IH1G4TMdEemPEpj6Q2FHPw/priority/priority.literal.l11"/>
<rtc_ext:contextId rdf:datatype="http://www.w3.org/2001/XMLSchema#string">_IH1G4TMdEemPEpj6Q2FHPw</rtc_ext:contextId>
<oslc:serviceProvider rdf:resource="https://local.jkebanking.net/ccm/oslc/contexts/_IH1G4TMdEemPEpj6Q2FHPw/workitems/services"/>
<rtc_cm:modifiedBy rdf:resource="https://local.jkebanking.net/jts/users/clmadmin"/>
<rtc_cm:state rdf:resource="https://local.jkebanking.net/ccm/oslc/workflows/_IH1G4TMdEemPEpj6Q2FHPw/states/com.ibm.team.workitem.defectWorkflow/com.ibm.team.workitem.defectWorkflow.state.s1"/>
<oslc:shortTitle rdf:parseType="Literal">障害 1</oslc:shortTitle>
<rtc_cm:plannedFor rdf:resource="https://local.jkebanking.net/ccm/oslc/iterations/_IKziZzMdEemPEpj6Q2FHPw"/>
<rtc_cm:filedAgainst rdf:resource="https://local.jkebanking.net/ccm/resource/itemOid/com.ibm.team.workitem.Category/_O4ErsjMdEemPEpj6Q2FHPw"/>
<dcterms:title rdf:parseType="Literal">ユーザー・パスワードの変更不可</dcterms:title>
<process:iteration rdf:resource="https://local.jkebanking.net/ccm/process/iterations/_IKziZzMdEemPEpj6Q2FHPw"/>
<oslc_cmx:severity rdf:resource="https://local.jkebanking.net/ccm/oslc/enumerations/_IH1G4TMdEemPEpj6Q2FHPw/severity/severity.literal.l3"/>
<oslc_cm:fixed rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:fixed>
<oslc_cm:verified rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:verified>
<dcterms:contributor rdf:resource="https://local.jkebanking.net/jts/users/marco"/>
<rtc_cm:estimate rdf:datatype="http://www.w3.org/2001/XMLSchema#integer">3600000</rtc_cm:estimate>
<oslc:discussedBy rdf:resource="https://local.jkebanking.net/ccm/oslc/workitems/_O78fNzMdEemPEpj6Q2FHPw/rtc_cm:comments"/>
<rtc_cm:subscribers rdf:resource="https://local.jkebanking.net/jts/users/deb"/>
<dcterms:created rdf:datatype="http://www.w3.org/2001/XMLSchema#dateTime">2019-01-21T00:12:46.080Z</dcterms:created>
<dcterms:description rdf:parseType="Literal">ユーザーがパスワードを変更できるようにするには、UI の追加が必要である。</dcterms:description>
<process:projectArea rdf:resource="https://local.jkebanking.net/ccm/process/project-areas/_IH1G4TMdEemPEpj6Q2FHPw"/>
<oslc_cm:approved rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</oslc_cm:approved>
<rtc_ext:archived rdf:datatype="http://www.w3.org/2001/XMLSchema#boolean">false</rtc_ext:archived>
</rdf:Description>
</rdf:RDF>

Comments
1
Ralph Schoon commented Mar 03 '20, 6:53 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

OAUTH is nothing other than a credential (similar to a userID and password pair), or an API token, that needs to be created and maintained.  


You do not have access to the system without a user and a password you have a special pre trusted credential that you can use


Tadahiro Hara commented Mar 05 '20, 6:50 p.m.
Thank you for your comment but it is confusing for me.

OAUTH is a mechanism.  Consumer key and secret is the credential.

I can access to the system using consumer key and secret with oauth mechanism instead of using user id and password as credential in form based authorization.

Do you agree with this?

1
Ralph Schoon commented Mar 06 '20, 1:45 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

I agree with that. 


Tadahiro Hara commented Mar 06 '20, 2:49 a.m.

Thank you.
I ppreciate it.

Your answer


Register or to post your answer.