RPA.MFA library | Robocorp documentation

RPA.MFA

Generate Oauth Url

Generates an authorization URL which must be opened by the user to start the OAuth2 flow and obtain an authorization code as response.

Arguments

Argument	Type	Default value	Description
auth_url	str	null	Authorization endpoint to call the request on. (https URL usually ending with '/authorize')
		null
client_id	str	null	Client app ID. (generated by the provider)
redirect_uri	str	null	Redirect URL allowed by the Client app configuration. ( necessary for getting the code response)
scope	str	null	Space-separated string of permissions. (accepted during the consent screen)
kwargs		null

The received response URL should be passed further with Get OAuth Token in order to complete the flow. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param client_id:
param auth_url:	Authorization endpoint to call the request on. (https URL usually ending with '/authorize')
	Client app ID. (generated by the provider)
param redirect_uri:
	Redirect URL allowed by the Client app configuration. ( necessary for getting the code response)
param scope:	Space-separated string of permissions. (accepted during the consent screen)
returns:	Authorization URL string not containing any sensitive info in it. (call it with access_type="offline" or set the right scope in the authorization URL for ensuring the existence of the refresh token)

Example: Robot Framework

*** Tasks *** Start OAuth Flow ${auth_url} = Generate OAuth URL ... https://accounts.google.com/o/oauth2/auth ... client_id=810482312368-19htmcgcj*******googleusercontent.com ... redirect_uri=https://developers.google.com/oauthplayground ... scope=https://mail.google.com ... access_type=offline prompt=consent # explicit grant Log Start OAuth2 flow: ${auth_url}

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() auth_url = lib_mfa.generate_oauth_url( "https://accounts.google.com/o/oauth2/auth", ... ) print(f"Start OAuth2 flow: {auth_url}")

Get Counter Based Otp

Get counter based one time password using separately set passcode or by parameter otp_passcode. The counter index is given by the counter parameter.

Arguments

Argument	Type	Default value	Description
counter	int	null	the index of the counter
otp_passcode	str, None	None	the passcode provided by the Authenticator

param otp_passcode:
param counter:	the index of the counter
	the passcode provided by the Authenticator

Get Oauth Token

Exchanges the code obtained previously with Generate OAuth URL for a token.

Arguments

Argument	Type	Default value	Description
token_url	str	null	Token endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token')
		null
client_secret	str	null	Client app secret. (generated by the provider)
response_url	str	null	The final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL.
kwargs		null

The refresh token from the returned dictionary can be used further with the Refresh OAuth Token keyword in order to obtain a new access token when the previous one expires. (usually after one hour) Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param token_url:
	Token endpoint used with a POST request in order to retrieve the token data. (https URL usually ending with '/token')
param client_secret:
	Client app secret. (generated by the provider)
param response_url:
	The final URL containing the authorization code found in the address bar after authenticating and authorizing the Client app through the authorization URL.
returns:	A dictionary containing the access token, metadata and optionally the refresh token.

Example: Robot Framework

*** Tasks *** Finish OAuth Flow ${token} = Get OAuth Token ... https://accounts.google.com/o/oauth2/token ... client_secret=GOCSPX-******mqZAW89 ... response_url=${resp_url} # redirect of Generate OAuth URL

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() lib_mfa.get_oauth_token("https://accounts.google.com/o/oauth2/token", ...)

Get Time Based Otp

Get time based one time password using separately set passcode or by parameter otp_passcode.

Arguments

Argument	Type	Default value	Description
otp_passcode	str, None	None	the passcode provided by the Authenticator

param otp_passcode:
	the passcode provided by the Authenticator

Refresh Oauth Token

Refreshes the token as the access one usually expires after 1h and the refresh one never expires. (as long as it doesn't get revoked)

Arguments

Argument	Type	Default value	Description
token_url	str	null	Token endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token')
		null
client_id	str, None	None	Client app ID. (generated by the provider)
client_secret	str	null	Client app secret. (generated by the provider)
refresh_token	str, None	None	Refresh token string found in the dictionary obtained with Get OAuth Token or Refresh OAuth Token.
kwargs		null

The effect of this keyword is similar to Get OAuth Token, but this time you refresh unattended an already existing token by receiving a new one instead. Arbitrary keyword arguments can be passed to the keyword, which will be redirected to the wrapped oauthlib library method call.

param token_url:
	Token endpoint used with a POST request in order to refresh the token data. (https URL usually ending with '/token')
param client_id:
	Client app ID. (generated by the provider)
param client_secret:
	Client app secret. (generated by the provider)
param refresh_token:
	Refresh token string found in the dictionary obtained with `Get OAuth Token` or `Refresh OAuth Token`.
returns:	A token dictionary containing a new access token and updated metadata. (the refresh token inside isn't guaranteed to remain constant)

Example: Robot Framework

*** Tasks *** Refresh OAuth Flow ${token} = Refresh OAuth Token ... https://accounts.google.com/o/oauth2/token ... client_id=810482312368-19htmcgcj*******googleusercontent.com ... client_secret=GOCSPX-******mqZAW89 ... refresh_token=${token}[refresh_token] # from Get OAuth Token

Example: Python

from RPA.MFA import MFA lib_mfa = MFA() lib_mfa.refresh_oauth_token( "https://accounts.google.com/o/oauth2/token", ... )

Set Counter Based Otp

Set counter based OTP with passcode.

Arguments

Argument	Type	Default value	Description
otp_passcode	str	null	the passcode provided by the Authenticator

param otp_passcode:
	the passcode provided by the Authenticator

Set Time Based Otp

Set time based OTP with passcode.

Arguments

Argument	Type	Default value	Description
otp_passcode	str	null	the passcode provided by the Authenticator

param otp_passcode:
	the passcode provided by the Authenticator

Use Mfa Secret From Vault

Set time or counter based OTP with passcode stored in the Robocorp Vault named with vault_name under key of vault_key.

Arguments

Argument	Type	Default value	Description
vault_name	str	null	name of the vault storing the passcode
vault_key	str	null	name of the vault key storing the passcode value
mode	OTPMode	TIME

param vault_name:
	name of the vault storing the passcode
param vault_key:
	name of the vault key storing the passcode value