Tag: OAuth

What’s New in Oracle Policy Automation 18A #2

What’s New in Oracle Policy Automation 18A #2

The second post in this series about What’s New in Oracle Policy Automation 18A covers the new administrative features relating to the REST API. As many readers will know, the latest versions of the product all provide a variety of interfaces that can be manipulated either using a traditional programming language (for example, in an earlier post we looked at using Microsoft Visual Studio and the REST API to review information about users, deployments and even to automate the download of a deployment ZIP file as a proof of concept), or other tools as explained below.

It is possible to use more modern tools such as curl command line tool and library to make calls and receive the JSON output. As a last resort or simply for test purposes one can always use SOAP UI. Although (naturally) we think of SOAP UI as a SOAP testing tool, it is equally at home testing REST endpoints.

What's New in Oracle Policy Automation 18A REST Project

The REST API requires the use of OAuth authentication, so you will need to set up an authentication profile and leverage it to acquire an access token. Once the token is acquired and as long as it has not expired, many calls can be made to the REST API endpoints for example for users, deployments but even (if licensed) the batch engine.

What's New in Oracle Policy Automation 18A OAuth

In the above example, the token is being accessed through Client Grant, using an integration user called integration_example. It assumes of course that this user exists on the Oracle Policy Automation Hub and has API access.

As we are discussing  What’s New in Oracle Policy Automation 18A #2, to quote from the official documentation :

Policy Automation Hub Administrators can now automate the lifecycle of end-to-end integration credentials. The OPA Hub REST API supports the management (create, view, update and delete operations) of three user types: regular users, local API client users and IDCS API client users.

As per the explanation above, the /users endpoint now supports not only normal, and API users but also an Identity Cloud Service user. In the example below, an authenticated call is made to the /users endpoint, and in the latest version this supports all the verbs you will need (GET,PUT, POST,PATCH,DELETE) to fully automate the users collection in your environment.

What's New in Oracle Policy Automation 18A Users Endpoint

What’s New in Oracle Policy Automation August 2017 #2

What’s New in Oracle Policy Automation August 2017 #2 (OPA REST API)

I’ll be entirely honest and say that this post has more to do with finding a good method to describe practical uses for the REST API that would be both interesting and entertaining, than it has with specifically focusing on what is new in Oracle Policy Automation August 2017. But since the OPA REST API is really coming into it’s own in the latest versions, it seems appropriate to file this under the heading of What’s New.

So I fired up Microsoft Visual Studio and decided to challenge myself to provide some code and demonstration that shows how to use the OPA REST API in Visual Basic. I decided to focus on the Deployment API, but wanted to get there in a set of logical steps : basic use, getting structured data out, authenticating your user and finally getting a Zip file to download.

For the Hub REST API, you need to create an integration user. For deployments, the caller needs the Deploy Admin role for the collections they want to access.

I’ll repeat what I said in the video; I’m no programming professional – although I can code my way through most things – and this is a late night experimental plaything, so don’t expect much in the way of clean structure. With that proviso, here are the four challenges.

OPA REST API – Deployment API First Steps

  1. Make a simple call to the API for example in order to retrieve the version information, and see if we can dump the output somewhere

This part is all about the mechanism to actually call the the REST API. The output is just a nice thing to prove it works.

OPA REST API - Get basic about information

From the above snippet, you can see the basic principle : create a WebRequest and build the URL, before asking for the response. The response can be read from the responseStream, and converted into a string before being displayed in a text box on a form.

OPA REST API - VB Form

OPA REST API – Deployment API More Data

So the next step in the learning curve of OPA REST API is to grab more content, and then format it in some way. We are going to get the list of endpoints and the corresponding URLs. The structure is hierarchical, an array of items, and each item has an array of links. For this, we will use a couple of classes to help us define two concepts : the items in the response and the links which are children of the items.

OPA REST API - Get Items and Links

In the above example, the same technique is used to make the request, but the response is deserialized into items and then each item is inspected for links. Since each item has three links and the third one is the link I want to display, I grab that one.

OPA REST API – Deployment Get Authenticated

In the next example, I want to show how to obtain the OAuth2 authentication access token. Most people will not have their Oracle Policy Automation Hub with anonymous access, so this is a very important step.

OPA REST API - Get Authentication

In the example above, the token is parsed out of the response using a different method, grabbing the element through the key to identify it. In this case the response is simple and is not an array.

OPA REST API – Deployment API Download a Snapshot as a Zip

Finally, now that I was able to do all of that, I wanted to make some magic happen. If I can authenticate, let’s go get a deployment as a Zip file and programatically download it.

OPA REST API - Get Zip File

In this final example, the request accepts “application/zip” and the response is grabbed as a memory stream and sent to a file. The folder has to exist but the ZIP file will be created there.

OPA REST API – Deployment API Conclusion

Although this started out a little exercise, I very quickly became a big fan of the OPA REST API – the prospect of being able to undertake so many different tasks (remember that there is a batch assessment API as well as user API) and/ or to programmatically instance them opens up new and powerful avenues for anyone looking to strengthen their DevOps processes around Oracle Policy Automation.

The video below is the code in action, and the result. Anyone who is interested in getting a copy of the code, just leave a comment. No warranty or fitness for purpose implied, but I hope the community will take it as it is intended : as a learning objective about the OPA REST API.

Until next time on the OPA Hub Website, have a great day!

Worldwide
Logo by Southpaw Projects LLC