import ballerina/http;
import ballerina/io;

// Defines the HTTP client to call the OAuth2 secured APIs.
// The client is enriched with the `Authorization: Bearer <token>` header by
// passing the `http:PasswordGrantConfig` to the `auth` configuration of the
// client.
http:Client securedEP = check new("https://localhost:9090",
    auth = {
        tokenUrl: "https://localhost:9445/oauth2/token",
        username: "admin",
        password: "admin",
        clientId: "FlfJYKBD2c925h4lkycqNZlC2l4a",
        clientSecret: "PJz0UhTJMrHOo68QQNpvnqAY_3Aa",
        scopes: ["admin"],
        refreshConfig: {
            refreshUrl: "https://localhost:9445/oauth2/token",
            scopes: ["hello"],
            clientConfig: {
                secureSocket: {
                    cert: "../resource/path/to/public.crt"
                }
            }
        },
        clientConfig: {
            secureSocket: {
                cert: "../resource/path/to/public.crt"
            }
        }
    },
    secureSocket = {
        cert: "../resource/path/to/public.crt"
    }
);

public function main() returns error? {
    http:Response response = check securedEP->get("/foo/bar");
    io:println(check response.getTextPayload());
}

Client - OAuth2 Password Grant Type

A client, which is secured with OAuth2 password grant type can be used to connect to a secured service.
The client is enriched with the Authorization: Bearer <token> header by passing the http:OAuth2PasswordGrantConfig to the auth configuration of the client.

For more information on the underlying module, see the OAuth2 module.

 
import ballerina/http;
import ballerina/io;

http:Client securedEP = check new("https://localhost:9090",
    auth = {
        tokenUrl: "https://localhost:9445/oauth2/token",
        username: "admin",
        password: "admin",
        clientId: "FlfJYKBD2c925h4lkycqNZlC2l4a",
        clientSecret: "PJz0UhTJMrHOo68QQNpvnqAY_3Aa",
        scopes: ["admin"],
        refreshConfig: {
            refreshUrl: "https://localhost:9445/oauth2/token",
            scopes: ["hello"],
            clientConfig: {
                secureSocket: {
                    cert: "../resource/path/to/public.crt"
                }
            }
        },
        clientConfig: {
            secureSocket: {
                cert: "../resource/path/to/public.crt"
            }
        }
    },
    secureSocket = {
        cert: "../resource/path/to/public.crt"
    }
);

Defines the HTTP client to call the OAuth2 secured APIs. The client is enriched with the Authorization: Bearer <token> header by passing the http:PasswordGrantConfig to the auth configuration of the client.

 
public function main() returns error? {
    http:Response response = check securedEP->get("/foo/bar");
    io:println(check response.getTextPayload());
}

# As a prerequisite, start a sample service secured with OAuth2.
# You may need to change the trusted certificate file path.
bal run http_client_oauth2_password_grant_type.bal
Hello, World!