RPA.MFA
Generate Oauth Url
Generates an authorization URL which must be opened by the user to start the OAuth2 flow and obtain an authorization code as response.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| auth_url | str | null | Authorization endpoint to call the request on. (https URL usually ending with '/authorize') |
| null | |||
| client_id | str | null | Client app ID. (generated by the provider) |
| redirect_uri | str | null | Redirect URL allowed by the Client app configuration. ( necessary for getting the code response) |
| scope | str | null | Space-separated string of permissions. (accepted during the consent screen) |
| kwargs | null |
The received response URL should be passed further with Get OAuth Token in order to complete the flow. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.
| param auth_url: | Authorization endpoint to call the request on. (https URL usually ending with '/authorize') |
|---|---|
| param client_id: | |
| Client app ID. (generated by the provider) | |
| param redirect_uri: | |
| Redirect URL allowed by the Client app configuration. ( necessary for getting the code response) | |
| param scope: | Space-separated string of permissions. (accepted during the consent screen) |
| returns: | Authorization URL string not containing any sensitive info in it. (call it with access_type="offline" or set the right scope in the authorization URL for ensuring the existence of the refresh token) |
Example: Robot Framework
*** Tasks ***
Start OAuth Flow
${auth_url} = Generate OAuth URL
... https://accounts.google.com/o/oauth2/auth
... client_id=810482312368-19htmcgcj*******googleusercontent.com
... redirect_uri=https://developers.google.com/oauthplayground
... scope=https://mail.google.com
... access_type=offline prompt=consent # explicit grant
Log Start OAuth2 flow: ${auth_url}
Example: Python
from RPA.MFA import MFA
lib_mfa = MFA()
auth_url = lib_mfa.generate_oauth_url(
"https://accounts.google.com/o/oauth2/auth", ...
)
print(f"Start OAuth2 flow: {auth_url}")
Get Counter Based Otp
Get counter based one time password using separately set passcode or by parameter otp_passcode. The counter index is given by the counter parameter.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| counter | int | null | the index of the counter |
| otp_passcode | str, None | None | the passcode provided by the Authenticator |
| param counter: | the index of the counter |
|---|---|
| param otp_passcode: | |
| the passcode provided by the Authenticator | |
Get Oauth Token
Exchanges the code obtained previously with Generate OAuth URL for a token.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| token_url | str | null | Token endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token') |
| null | |||
| client_secret | str | null | Client app secret. (generated by the provider) |
| response_url | str | null | The final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL. |
| kwargs | null |
The refresh token from the returned dictionary can be used further with the Refresh OAuth Token keyword in order to obtain a new access token when the previous one expires. (usually after one hour) Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.
| param token_url: | |
|---|---|
| Token endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token') | |
| param client_secret: | |
| Client app secret. (generated by the provider) | |
| param response_url: | |
| The final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL. | |
| returns: | A dictionary containing the access token, metadata and optionally the refresh token. |
Example: Robot Framework
*** Tasks ***
Finish OAuth Flow
${token} = Get OAuth Token
... https://accounts.google.com/o/oauth2/token
... client_secret=GOCSPX-******mqZAW89
... response_url=${resp_url} # redirect of Generate OAuth URL
Example: Python
from RPA.MFA import MFA
lib_mfa = MFA()
lib_mfa.get_oauth_token("https://accounts.google.com/o/oauth2/token", ...)
Get Time Based Otp
Get time based one time password using separately set passcode or by parameter otp_passcode.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| otp_passcode | str, None | None | the passcode provided by the Authenticator |
| param otp_passcode: | |
|---|---|
| the passcode provided by the Authenticator | |
Refresh Oauth Token
Refreshes the token as the access one usually expires after 1h and the refresh one never expires. (as long as it doesn't get revoked)
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| token_url | str | null | Token endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token') |
| null | |||
| client_id | str, None | None | Client app ID. (generated by the provider) |
| client_secret | str | null | Client app secret. (generated by the provider) |
| refresh_token | str, None | None | Refresh token string found in the dictionary obtained with Get OAuth Token or Refresh OAuth Token. |
| kwargs | null |
The effect of this keyword is similar to Get OAuth Token, but this time you refresh unattended an already existing token by receiving a new one instead. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.
| param token_url: | |
|---|---|
| Token endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token') | |
| param client_id: | |
| Client app ID. (generated by the provider) | |
| param client_secret: | |
| Client app secret. (generated by the provider) | |
| param refresh_token: | |
| Refresh token string found in the dictionary obtained with Get OAuth Token or Refresh OAuth Token. | |
| returns: | A token dictionary containing a new access token and updated metadata. (the refresh token inside isn't guaranteed to remain constant) |
Example: Robot Framework
*** Tasks ***
Refresh OAuth Flow
${token} = Refresh OAuth Token
... https://accounts.google.com/o/oauth2/token
... client_id=810482312368-19htmcgcj*******googleusercontent.com
... client_secret=GOCSPX-******mqZAW89
... refresh_token=${token}[refresh_token] # from Get OAuth Token
Example: Python
from RPA.MFA import MFA
lib_mfa = MFA()
lib_mfa.refresh_oauth_token(
"https://accounts.google.com/o/oauth2/token", ...
)
Set Counter Based Otp
Set counter based OTP with passcode.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| otp_passcode | str | null | the passcode provided by the Authenticator |
| param otp_passcode: | |
|---|---|
| the passcode provided by the Authenticator | |
Set Time Based Otp
Set time based OTP with passcode.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| otp_passcode | str | null | the passcode provided by the Authenticator |
| param otp_passcode: | |
|---|---|
| the passcode provided by the Authenticator | |
Use Mfa Secret From Vault
Set time or counter based OTP with passcode stored in the Robocorp Vault named with vault_name under key of vault_key.
Arguments
| Argument | Type | Default value | Description |
|---|---|---|---|
| vault_name | str | null | name of the vault storing the passcode |
| vault_key | str | null | name of the vault key storing the passcode value |
| mode | OTPMode | TIME |
| param vault_name: | |
|---|---|
| name of the vault storing the passcode | |
| param vault_key: | |
| name of the vault key storing the passcode value | |