Ruby Example

If you're a ruby ninja then you'll want to refactor but here's a start.


#! /usr/bin/env ruby

# Define credentials obtained from Wonde dashboard SSO settings
CLIENT_ID="<Your Client ID goes here>"
CLIENT_SECRET="<Your Client Secret goes here>"
REDIRECT_URI="http://localhost:8123"

# Now define the Wonde SSO and API endpoints
AUTH_URI="https://edu.wonde.com/oauth/authorize"
TOKEN_URI="https://api.wonde.com/oauth/token"
GRAPHQL_URI="https://api.wonde.com/graphql/me"

require 'webrick'
require 'uri'
require 'net/http'
require 'json'


################################################ HELPER METHODS ###################################################


##
# Redirect the user to our UI to authorise access
#
def authorise response
    params = {
        client_id: CLIENT_ID,
        redirect_uri: REDIRECT_URI,
        response_type: 'code',
    }

    response.set_redirect WEBrick::HTTPStatus::Found, "#{AUTH_URI}?#{URI.encode_www_form(params)}"
end

##
# Get an access token using the authorisation code obtained from an earlier redirect
##
def getAccessToken(code)
    params = {
        grant_type: 'authorization_code',
        client_id: CLIENT_ID,
        client_secret: CLIENT_SECRET,
        redirect_uri: REDIRECT_URI,
        code: code,
    }

    response = httpRequest(TOKEN_URI, params, nil)

    if response.kind_of? Net::HTTPSuccess
        puts "getAccessToken Success!"
        body = JSON.parse response.body
        return body["access_token"]
    else
        puts "getAccessToken Failure!"
        return nil
    end

end

##
# Access the API using the access token obtained earlier
##
def makeApiRequest(access_token)
    query = <<-GRAPHQL
        {
            Me {
                id
                Person {
                    __typename
                    ... on Student {
                        id
                        type
                        forename
                        middle_names
                        surname
                    }
                    ... on Contact {
                        id
                        type
                        forename
                        middle_names
                        surname
                    }
                    ... on Employee {
                        id
                        type
                        forename
                        middle_names
                        surname
                    }
                }
            }
        }
    GRAPHQL

    params = {
        query: query,
    }

    # return httpRequest(GRAPHQL_URI, $params, $access_token);
    response = httpRequest(GRAPHQL_URI, params, access_token)

    if response.kind_of? Net::HTTPSuccess
        puts "makeApiRequest Success!"
        return response.body
    else
        puts "makeApiRequest Failure!"
        return nil
    end
end

##
# Make a request, optionally with POST data and an access token, if obtained
##
def httpRequest(url, params, access_token = nil)

    uri = URI(url)

    Net::HTTP.start(uri.host, uri.port,
        :use_ssl => uri.scheme == 'https') do |http|
        request = Net::HTTP::Post.new uri
        request['Authorization'] = "Bearer #{access_token}" if access_token
        request.set_form_data params

        puts "Sending Request: "
        puts request.inspect
        response = http.request request
        puts "Request response: "
        puts response.inspect
        puts "Request response body: "
        puts response.body.inspect
        response
    end
end


################################################ RUN SERVER ###################################################

# signal handling
trap("INT") { @server.shutdown }
trap("TERM") { @server.shutdown }

begin
    @server  = WEBrick::HTTPServer.new :Port => 8123

    @server.mount_proc '/' do |req, res|
        # Ready to go, so now route this request accordingly
        case (not req.query['code'].nil?)
        # A) User has NOT been redirected away and authorised access to this
        # application, so redirect them to the Wonde UI to complete this
        when false
            authorise(res)
            puts "Redirecting...."

        # B) User has been redirected and has authorised, so use their
        # authorisation code to get a token and make an API request
        when true
            puts 'code: '
            puts req.query['code']

            access_token = getAccessToken(req.query['code'])
            if access_token
                puts 'access_token:'
                puts access_token

                data = makeApiRequest(access_token)
                if data
                    res.body = data
                else data
                    res.body = "Error while making API request."
                end
            else
                res.body = "Error while getting access token."
            end
        end
    end

    @server.start
end
							

We speak your language, here are some
examples to get you started.