get_idcs_token

CREATE OR REPLACE FUNCTION get_idcs_token(
    p_idcs_url           IN VARCHAR2,
    p_idcs_client_id     IN VARCHAR2,
    p_idcs_client_secret IN VARCHAR2,
    p_scope_suffix       IN VARCHAR2
) RETURN VARCHAR2
IS
    l_response        CLOB;
    l_token           VARCHAR2(4000);
    idcs_base_64_identity VARCHAR2(2000);
BEGIN
    idcs_base_64_identity := REPLACE(REPLACE(REPLACE(UTL_ENCODE.TEXT_ENCODE(p_idcs_client_id || ':' || p_idcs_client_secret, 'WE8ISO8859P1', UTL_ENCODE.BASE64), CHR(9)), CHR(10)), CHR(13));
 
    APEX_WEB_SERVICE.G_REQUEST_HEADERS.DELETE;
    APEX_WEB_SERVICE.G_REQUEST_HEADERS(1).NAME := 'Authorization';
    APEX_WEB_SERVICE.G_REQUEST_HEADERS(1).VALUE := 'Basic ' || idcs_base_64_identity;
    APEX_WEB_SERVICE.G_REQUEST_HEADERS(2).NAME := 'Content-Type';
    APEX_WEB_SERVICE.G_REQUEST_HEADERS(2).VALUE := 'application/x-www-form-urlencoded; charset=UTF-8';
 
    l_response := APEX_WEB_SERVICE.MAKE_REST_REQUEST(
        p_url         => p_idcs_url,
        p_http_method => 'POST',
        p_parm_name   => APEX_UTIL.STRING_TO_TABLE('grant_type:scope'),
        p_parm_value  => APEX_UTIL.STRING_TO_TABLE('client_credentials,rgbu:rpas:psraf-' || p_scope_suffix, ',')
    );
 
    IF l_response IS NULL THEN
        RAISE_APPLICATION_ERROR(-20001, 'Failed to retrieve IDCS token. Response is null.');
    END IF;
 
    BEGIN
        APEX_JSON.PARSE(l_response);
        l_token := APEX_JSON.GET_VARCHAR2(p_path => 'access_token');
    EXCEPTION
        WHEN OTHERS THEN
            RAISE_APPLICATION_ERROR(-20002, 'Failed to parse IDCS token response: ' || SQLERRM);
    END;
 
    IF l_token IS NULL THEN
        RAISE_APPLICATION_ERROR(-20003, 'IDCS token is null.');
    END IF;
 
    RETURN l_token;
EXCEPTION
    WHEN OTHERS THEN
        RAISE_APPLICATION_ERROR(-20004, 'Error getting IDCS token: ' || SQLERRM);
END get_idcs_token;