You can generate the authorization token for a user in Bold Reports by using the Embed Secret Key API. To do this, pass the following parameters in the request body.
username
- The user’s email address.
grant_type
- The type of credentials used to authorize the request for an access token. The valid value is embed_secret.
embed_nonce
- A random string value that restricts attackers from hacking. For example 5ff24040-cd74-42cf-a168-57f8cb7dafed.
timestamp
- The current time as a UNIX timestamp. For example: 1583934776
embed_signature
- By using the username
, embed_nonce
, timestamp
and the embed secret key
(which can be generated from Bold Reports Report server Embed settings), the embed_signature
value can be generated using the HMACSHA256
algorithm.
Here is a sample C# code to illustrate the approach.
Add the following assemblies to the namespace:
System.Collections.Generic
System.Net.Http
Newtonsoft.Json
System.Security.Cryptography
System.Net
Refer to the
Newtonsoft.Json
assembly from the Nuget package.
public class Token
{
public string access_token { get; set; }
public string token_type { get; set; }
public string expires_in { get; set; }
public string email { get; set; }
public string error { get; set; }
public string error_description { get; set; }
}
private static string tokenurl = "/reporting/api/site/site1/token";
private static string boldReportsUrl = "https://demo.example.com"; // Provide your Bold Reports URL
private static string username = "user@example.com"; // Provide your Email ID
private static string nonce = Guid.NewGuid().ToString();
private static string timeStamp = DateTimeToUnixTimeStamp(DateTime.UtcNow).ToString();
private static string secretCode = "lettffAEI0FtKDGdrDekEv7WUbHwOwO"; // Provide your embed secret key value from the Bold Reports Report Server Embed Settings.
public static void Main(string[] args)
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12; // This is required while running the Bold Reports from Azure App Service
GetToken();
}
public static Token GetToken()
{
var client = new HttpClient();
client.BaseAddress = new Uri(boldReportsUrl);
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.ConnectionClose = true;
string embedMessage = "embed_nonce=" + nonce + "&user_email=" + username + "×tamp=" + timeStamp;
string signature = SignURL(embedMessage.ToLower(), secretCode);
var content = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("grant_type", "embed_secret"),
new KeyValuePair<string, string>("username", username),
new KeyValuePair<string, string>("embed_nonce", nonce),
new KeyValuePair<string, string>("embed_signature", signature),
new KeyValuePair<string, string>("timestamp", timeStamp)
});
var result = client.PostAsync(tokenurl, content).Result;
string resultContent = result.Content.ReadAsStringAsync().Result;
if (JsonConvert.DeserializeObject<Token>(resultContent)?.error == "authorization_failed")
{
Console.WriteLine("authorization_failed: " + JsonConvert.DeserializeObject<Token>(resultContent)?.error_description);
Console.ReadLine();
Environment.Exit(-1);
}
return JsonConvert.DeserializeObject<Token>(resultContent);
}
public static double DateTimeToUnixTimeStamp(DateTime dateTime)
{
DateTime unixStart = new DateTime(1970, 1, 1, 0, 0, 0, 0, System.DateTimeKind.Utc);
long unixTimeStampInTicks = (dateTime.ToUniversalTime() - unixStart).Ticks;
return unixTimeStampInTicks / TimeSpan.TicksPerSecond;
}
public static string SignURL(string embedMessage, string secretcode)
{
var encoding = new UTF8Encoding();
var keyBytes = encoding.GetBytes(secretcode);
var messageBytes = encoding.GetBytes(embedMessage);
using (var hmacsha1 = new HMACSHA256(keyBytes))
{
var hashMessage = hmacsha1.ComputeHash(messageBytes);
return Convert.ToBase64String(hashMessage);
}
}
After the token is generated, use it by attaching it to the request header (Authorization) for all subsequent API calls to authenticate the requests.