Page 1 of 1

How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Sun Apr 14, 2013 7:19 pm
by MojoNixon
Hi,

I need to access the Bullhorn REST API automatically without a user. I need to programmatically pull data from Bullhorn without a "user" manually giving authorization in the Oauth 2.0 process. Ideally, I would be able to obtain an authorization token that never expires. How can bullhorn's REST API be used without a user doing the authorization?

What is the best way to approach this problem?

Thanks

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Mon Apr 15, 2013 12:09 am
by yorkapi2
I had this same problem.
The documentation fails to mention how to do it programmatically - the trick is the 'action=Login' in the request.

You can make a CURL request to the OAuth url with query string, like so (in PHP):

Code: Select all

function getBHAuthCode()
{
    $bullhornid = '[YOURBULLHORNCLIENTID]';
    $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.$bullhornid.'&response_type=code';
    $data = "action=Login&username=[YOURBULLHORNUSER]&password=[YOURBULLHORNPASS]";

    $options = array( 
			CURLOPT_POST           => true,
			CURLOPT_POSTFIELDS     => $data,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_HEADER         => true,    
			CURLOPT_FOLLOWLOCATION => true,
			CURLOPT_AUTOREFERER    => true,    
			CURLOPT_CONNECTTIMEOUT => 120, 
			CURLOPT_TIMEOUT        => 120,      
		); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); 
			
    if(preg_match('#Location: (.*)#', $content, $r)) {
	$l = trim($r[1]);
	$temp = preg_split("/code=/", $l);
	$authcode = $temp[1];
    }

    return $authcode;

}
$authcode will be the code you use to get your access_token.

You will need 4 functions:
- getBHAuthCode : to get your authcode from the result URL
- doBullhornAuth : using the authcode to get your access_token and refresh_token (store refresh_token to session)
- doBullhornLogin: using the access_token to login to the REST API (and store your BHRestToken and restUrl to session)
- doBullhornRefresh : using the refresh_token on EVERY page requiring API interactivity to get a new access_token (and storing the NEW refresh_token to session)

I do a check on all pages of my application... if the refresh_token is saved in current session, simply refresh the token; otherwise getBHAuthCode();doBullhornAuth();doBullhornLogin();

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Wed Apr 17, 2013 8:34 am
by Amazing
Hello Yorkapi2,

Thanks for your fantastic responds. Can you share where you got your 'trick' information?
or better still the source for the other functions you mentioned as trying to do so fails because the access-token expires within
10mins or so.

I'd be glad if you could help.

Thanks
yorkapi2 wrote:I had this same problem.
The documentation fails to mention how to do it programmatically - the trick is the 'action=Login' in the request.

You can make a CURL request to the OAuth url with query string, like so (in PHP):

Code: Select all

function getBHAuthCode()
{
    $bullhornid = '[YOURBULLHORNCLIENTID]';
    $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.$bullhornid.'&response_type=code';
    $data = "action=Login&username=[YOURBULLHORNUSER]&password=[YOURBULLHORNPASS]";

    $options = array( 
			CURLOPT_POST           => true,
			CURLOPT_POSTFIELDS     => $data,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_HEADER         => true,    
			CURLOPT_FOLLOWLOCATION => true,
			CURLOPT_AUTOREFERER    => true,    
			CURLOPT_CONNECTTIMEOUT => 120, 
			CURLOPT_TIMEOUT        => 120,      
		); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); 
			
    if(preg_match('#Location: (.*)#', $content, $r)) {
	$l = trim($r[1]);
	$temp = preg_split("/code=/", $l);
	$authcode = $temp[1];
    }

    return $authcode;

}
$authcode will be the code you use to get your access_token.

You will need 4 functions:
- getBHAuthCode : to get your authcode from the result URL
- doBullhornAuth : using the authcode to get your access_token and refresh_token (store refresh_token to session)
- doBullhornLogin: using the access_token to login to the REST API (and store your BHRestToken and restUrl to session)
- doBullhornRefresh : using the refresh_token on EVERY page requiring API interactivity to get a new access_token (and storing the NEW refresh_token to session)

I do a check on all pages of my application... if the refresh_token is saved in current session, simply refresh the token; otherwise getBHAuthCode();doBullhornAuth();doBullhornLogin();

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Thu Apr 18, 2013 9:39 am
by yorkapi2
Yes, I can tell you - I FIGURED IT OUT ON MY OWN!!!
I used Firebug to check the POST when I submitted the form manually.

You need to use the refresh_token that you receive in the same JSON response as the access_token. The refresh_token takes a long time to expire (but it DOES expire after a LONG time without any refresh)

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Mon May 20, 2013 4:05 pm
by Alliance
Thank you yorkapi2, and to Mojo and Amazing for asking the questions. Very helpful.
Note to PHP developers, do not use PHP's urlencode() when building query strings for token requests. This resulted in invalid_client errors for me. Instead use a loop to concat args to the url, unencoded.
Big thank you, once again, guys.

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Tue Jul 16, 2013 5:37 am
by sanjaysnair
This worked for me.
To get session id without any user interaction.

<?php
define('CLIENT_ID', '***********');
define('CLIENT_SECRET', '*******************');
define('USER', '********');
define('PASS', '*************');

function getAuthCode()
{
$url = 'https://auth.bullhornstaffing.com/oauth ... ord='.PASS;
$curl = curl_init( $url );
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, true);
//curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_AUTOREFERER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($curl, CURLOPT_TIMEOUT, 120);

$content = curl_exec( $curl );
curl_close( $curl );//die($content);

if(preg_match('#Location: (.*)#', $content, $r)) {
$l = trim($r[1]);
$temp = preg_split("/code=/", $l);
$authcode = $temp[1];
}

return $authcode;
}

function doBullhornAuth($authCode)
{
$url = 'https://auth.bullhornstaffing.com/oauth ... ENT_SECRET;

$options = array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => array()
);

$ch = curl_init( $url );
curl_setopt_array( $ch, $options );
$content = curl_exec( $ch );

curl_close( $ch ); //die($content);

return $content;

}

function doBullhornLogin($accessToken)
{
$url = 'https://rest.bullhornstaffing.com/rest- ... ccessToken;
$curl = curl_init( $url );
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($curl, CURLOPT_HEADER, true);
//curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
//curl_setopt($curl, CURLOPT_AUTOREFERER, true);
//curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
//curl_setopt($curl, CURLOPT_TIMEOUT, 120);

$content = curl_exec( $curl );
curl_close( $curl );
return $content;
}

try {
$authCode = getAuthCode();//echo $authCode;die;
$auth = doBullhornAuth($authCode);//echo $auth;die;
$tokens = json_decode($auth);//print '<pre>';print_r($tokens);die;
$session = doBullhornLogin($tokens->access_token);
echo $session;die;
} catch (Exception $e) {
error_log($e->getMessage());
}

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Thu Jul 25, 2013 1:32 pm
by jeffsacco
Very nice code snippet.

Thank you!

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Posted: Wed Oct 01, 2014 3:42 pm
by gregrbparker
I am trying to get this solution to work but the curl isnt working. if I var_dump($content) I get bool(false). Thoguhts?