RPA.MFA

Generates an authorization URL which must be opened by the user to start the OAuth2 flow and obtain an authorization code as response.

Arguments

ArgumentTypeDefault valueDescription
auth_urlstrnullAuthorization endpoint to call the request on. (https URL usually ending with '/authorize')
null
client_idstrnullClient app ID. (generated by the provider)
redirect_uristrnullRedirect URL allowed by the Client app configuration. ( necessary for getting the code response)
scopestrnullSpace-separated string of permissions. (accepted during the consent screen)
kwargsnull

The received response URL should be passed further with Get OAuth Token in order to complete the flow. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param auth_url:Authorization endpoint to call the request on. (https URL usually ending with '/authorize')
param client_id:
 Client app ID. (generated by the provider)
param redirect_uri:
 Redirect URL allowed by the Client app configuration. ( necessary for getting the code response)
param scope:Space-separated string of permissions. (accepted during the consent screen)
returns:Authorization URL string not containing any sensitive info in it. (call it with access_type="offline" or set the right scope in the authorization URL for ensuring the existence of the refresh token)

Example: Robot Framework

*** Tasks *** Start OAuth Flow ${auth_url} = Generate OAuth URL ... https://accounts.google.com/o/oauth2/auth ... client_id=810482312368-19htmcgcj*******googleusercontent.com ... redirect_uri=https://developers.google.com/oauthplayground ... scope=https://mail.google.com ... access_type=offline prompt=consent # explicit grant Log Start OAuth2 flow: ${auth_url}

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() auth_url = lib_mfa.generate_oauth_url( "https://accounts.google.com/o/oauth2/auth", ... ) print(f"Start OAuth2 flow: {auth_url}")

Get counter based one time password using separately set passcode or by parameter otp_passcode. The counter index is given by the counter parameter.

Arguments

ArgumentTypeDefault valueDescription
counterintnullthe index of the counter
otp_passcodestr, NoneNonethe passcode provided by the Authenticator
param counter:the index of the counter
param otp_passcode:
 the passcode provided by the Authenticator

Exchanges the code obtained previously with Generate OAuth URL for a token.

Arguments

ArgumentTypeDefault valueDescription
token_urlstrnullToken endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token')
null
client_secretstrnullClient app secret. (generated by the provider)
response_urlstrnullThe final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL.
kwargsnull

The refresh token from the returned dictionary can be used further with the Refresh OAuth Token keyword in order to obtain a new access token when the previous one expires. (usually after one hour) Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param token_url:
 Token endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token')
param client_secret:
 Client app secret. (generated by the provider)
param response_url:
 The final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL.
returns:A dictionary containing the access token, metadata and optionally the refresh token.

Example: Robot Framework

*** Tasks *** Finish OAuth Flow ${token} = Get OAuth Token ... https://accounts.google.com/o/oauth2/token ... client_secret=GOCSPX-******mqZAW89 ... response_url=${resp_url} # redirect of Generate OAuth URL

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() lib_mfa.get_oauth_token("https://accounts.google.com/o/oauth2/token", ...)

Get time based one time password using separately set passcode or by parameter otp_passcode.

Arguments

ArgumentTypeDefault valueDescription
otp_passcodestr, NoneNonethe passcode provided by the Authenticator
param otp_passcode:
 the passcode provided by the Authenticator

Refreshes the token as the access one usually expires after 1h and the refresh one never expires. (as long as it doesn't get revoked)

Arguments

ArgumentTypeDefault valueDescription
token_urlstrnullToken endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token')
null
client_idstr, NoneNoneClient app ID. (generated by the provider)
client_secretstrnullClient app secret. (generated by the provider)
refresh_tokenstr, NoneNoneRefresh token string found in the dictionary obtained with Get OAuth Token or Refresh OAuth Token.
kwargsnull

The effect of this keyword is similar to Get OAuth Token, but this time you refresh unattended an already existing token by receiving a new one instead. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param token_url:
 Token endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token')
param client_id:
 Client app ID. (generated by the provider)
param client_secret:
 Client app secret. (generated by the provider)
param refresh_token:
 Refresh token string found in the dictionary obtained with Get OAuth Token or Refresh OAuth Token.
returns:A token dictionary containing a new access token and updated metadata. (the refresh token inside isn't guaranteed to remain constant)

Example: Robot Framework

*** Tasks *** Refresh OAuth Flow ${token} = Refresh OAuth Token ... https://accounts.google.com/o/oauth2/token ... client_id=810482312368-19htmcgcj*******googleusercontent.com ... client_secret=GOCSPX-******mqZAW89 ... refresh_token=${token}[refresh_token] # from Get OAuth Token

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() lib_mfa.refresh_oauth_token( "https://accounts.google.com/o/oauth2/token", ... )

Set counter based OTP with passcode.

Arguments

ArgumentTypeDefault valueDescription
otp_passcodestrnullthe passcode provided by the Authenticator
param otp_passcode:
 the passcode provided by the Authenticator

Set time based OTP with passcode.

Arguments

ArgumentTypeDefault valueDescription
otp_passcodestrnullthe passcode provided by the Authenticator
param otp_passcode:
 the passcode provided by the Authenticator

Set time or counter based OTP with passcode stored in the Robocorp Vault named with vault_name under key of vault_key.

Arguments

ArgumentTypeDefault valueDescription
vault_namestrnullname of the vault storing the passcode
vault_keystrnullname of the vault key storing the passcode value
modeOTPModeTIME
param vault_name:
 name of the vault storing the passcode
param vault_key:
 name of the vault key storing the passcode value