OAuthClient Component

Properties   Methods   Events   Config Settings   Errors  

The OAuthClient component implements interaction between the client, the resource owner (end-user), and the authorization server via OAuth 2.0 protocol.

Syntax

TsbxOAuthClient

Remarks

OAuthClient implements interaction between the client (an application that needs access to a protected resource), the resource owner (end-user), and the authorization server via OAuth 2.0 (RFC 6749) protocol.

Property List

---

The following is the full list of the properties of the component with short descriptions. Click on the links for further details.

Method List

---

The following is the full list of the methods of the component with short descriptions. Click on the links for further details.

Event List

---

The following is the full list of the events fired by the component with short descriptions. Click on the links for further details.

Config Settings

---

The following is a list of config settings for the component with short descriptions. Click on the links for further details.

AccessToken Property (OAuthClient Component)

Contains the access token.

Syntax

__property String AccessToken = { read=FAccessToken, write=FSetAccessToken };

Default Value

""

Remarks

Use this property to check or set the authorization access token.

This property is not available at design time.

Data Type

String

AuthURL Property (OAuthClient Component)

Specifies the URL of the authorization server.

Syntax

__property String AuthURL = { read=FAuthURL, write=FSetAuthURL };

Default Value

""

Remarks

Use this property to set the URL of the authorization server.

Data Type

String

AutoRefresh Property (OAuthClient Component)

Specifies whether access token should be automatically refreshed.

Syntax

__property bool AutoRefresh = { read=FAutoRefresh, write=FSetAutoRefresh };

Default Value

true

Remarks

Set this property to true to let the component automatically refresh AccessToken. If available, RefreshToken is used to renew access token. Otherwise the authorization process is initiated from the beginning, with user authentication and so on.

Data Type

Boolean

BlockedCertCount Property (OAuthClient Component)

The number of records in the BlockedCert arrays.

Syntax

__property int BlockedCertCount = { read=FBlockedCertCount, write=FSetBlockedCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• BlockedCertBytes
• BlockedCertHandle

The array indices start at 0 and end at BlockedCertCount - 1.

This property is not available at design time.

Data Type

Integer

BlockedCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray BlockedCertBytes[int BlockedCertIndex] = { read=FBlockedCertBytes };

Remarks

Returns the raw certificate data in DER format.

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

BlockedCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 BlockedCertHandle[int BlockedCertIndex] = { read=FBlockedCertHandle, write=FSetBlockedCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The BlockedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the BlockedCertCount property.

This property is not available at design time.

Data Type

Long64

ClientID Property (OAuthClient Component)

Client ID of the application which needs access to the protected resource.

Syntax

__property String ClientID = { read=FClientID, write=FSetClientID };

Default Value

""

Remarks

Use this property to specify the client ID of the application.

Data Type

String

ClientSecret Property (OAuthClient Component)

Client secret of the application which needs access to the protected resource.

Syntax

__property String ClientSecret = { read=FClientSecret, write=FSetClientSecret };

Default Value

""

Remarks

Use this property to specify client secret of the application.

Data Type

String

ConnInfoAEADCipher Property (OAuthClient Component)

Indicates whether the encryption algorithm used is an AEAD cipher.

Syntax

__property bool ConnInfoAEADCipher = { read=FConnInfoAEADCipher };

Default Value

false

Remarks

Indicates whether the encryption algorithm used is an AEAD cipher.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoChainValidationDetails Property (OAuthClient Component)

The details of a certificate chain validation outcome.

Syntax

__property int ConnInfoChainValidationDetails = { read=FConnInfoChainValidationDetails };

Default Value

0

Remarks

The details of a certificate chain validation outcome. They may often suggest the reasons that contributed to the overall validation result.

Returns a bit mask of the following options:

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoChainValidationResult Property (OAuthClient Component)

The outcome of a certificate chain validation routine.

Syntax

__property TsbxOAuthClientConnInfoChainValidationResults ConnInfoChainValidationResult = { read=FConnInfoChainValidationResult };

enum TsbxOAuthClientConnInfoChainValidationResults {
  cvtValid=0,
  cvtValidButUntrusted=1,
  cvtInvalid=2,
  cvtCantBeEstablished=3
};

Default Value

cvtValid

Remarks

The outcome of a certificate chain validation routine.

Available options:

Use the ValidationLog property to access the detailed validation log.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoCiphersuite Property (OAuthClient Component)

The cipher suite employed by this connection.

Syntax

__property String ConnInfoCiphersuite = { read=FConnInfoCiphersuite };

Default Value

""

Remarks

The cipher suite employed by this connection.

For TLS connections, this property returns the ciphersuite that was/is employed by the connection.

This property is read-only and not available at design time.

Data Type

String

ConnInfoClientAuthenticated Property (OAuthClient Component)

Specifies whether client authentication was performed during this connection.

Syntax

__property bool ConnInfoClientAuthenticated = { read=FConnInfoClientAuthenticated };

Default Value

false

Remarks

Specifies whether client authentication was performed during this connection.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoClientAuthRequested Property (OAuthClient Component)

Specifies whether client authentication was requested during this connection.

Syntax

__property bool ConnInfoClientAuthRequested = { read=FConnInfoClientAuthRequested };

Default Value

false

Remarks

Specifies whether client authentication was requested during this connection.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoConnectionEstablished Property (OAuthClient Component)

Indicates whether the connection has been established fully.

Syntax

__property bool ConnInfoConnectionEstablished = { read=FConnInfoConnectionEstablished };

Default Value

false

Remarks

Indicates whether the connection has been established fully.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoConnectionID Property (OAuthClient Component)

The unique identifier assigned to this connection.

Syntax

__property DynamicArray ConnInfoConnectionID = { read=FConnInfoConnectionID };

Remarks

The unique identifier assigned to this connection.

This property is read-only and not available at design time.

Data Type

Byte Array

ConnInfoDigestAlgorithm Property (OAuthClient Component)

The digest algorithm used in a TLS-enabled connection.

Syntax

__property String ConnInfoDigestAlgorithm = { read=FConnInfoDigestAlgorithm };

Default Value

""

Remarks

The digest algorithm used in a TLS-enabled connection.

This property is read-only and not available at design time.

Data Type

String

ConnInfoEncryptionAlgorithm Property (OAuthClient Component)

The symmetric encryption algorithm used in a TLS-enabled connection.

Syntax

__property String ConnInfoEncryptionAlgorithm = { read=FConnInfoEncryptionAlgorithm };

Default Value

""

Remarks

The symmetric encryption algorithm used in a TLS-enabled connection.

This property is read-only and not available at design time.

Data Type

String

ConnInfoExportable Property (OAuthClient Component)

Indicates whether a TLS connection uses a reduced-strength exportable cipher.

Syntax

__property bool ConnInfoExportable = { read=FConnInfoExportable };

Default Value

false

Remarks

Indicates whether a TLS connection uses a reduced-strength exportable cipher.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoID Property (OAuthClient Component)

The client connection's unique identifier.

Syntax

__property __int64 ConnInfoID = { read=FConnInfoID };

Default Value

-1

Remarks

The client connection's unique identifier. This value is used throughout to refer to a particular client connection.

This property is read-only and not available at design time.

Data Type

Long64

ConnInfoKeyExchangeAlgorithm Property (OAuthClient Component)

The key exchange algorithm used in a TLS-enabled connection.

Syntax

__property String ConnInfoKeyExchangeAlgorithm = { read=FConnInfoKeyExchangeAlgorithm };

Default Value

""

Remarks

The key exchange algorithm used in a TLS-enabled connection.

This property is read-only and not available at design time.

Data Type

String

ConnInfoKeyExchangeKeyBits Property (OAuthClient Component)

The length of the key exchange key of a TLS-enabled connection.

Syntax

__property int ConnInfoKeyExchangeKeyBits = { read=FConnInfoKeyExchangeKeyBits };

Default Value

0

Remarks

The length of the key exchange key of a TLS-enabled connection.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoNamedECCurve Property (OAuthClient Component)

The elliptic curve used in this connection.

Syntax

__property String ConnInfoNamedECCurve = { read=FConnInfoNamedECCurve };

Default Value

""

Remarks

The elliptic curve used in this connection.

This property is read-only and not available at design time.

Data Type

String

ConnInfoPFSCipher Property (OAuthClient Component)

Indicates whether the chosen ciphersuite provides perfect forward secrecy (PFS).

Syntax

__property bool ConnInfoPFSCipher = { read=FConnInfoPFSCipher };

Default Value

false

Remarks

Indicates whether the chosen ciphersuite provides perfect forward secrecy (PFS).

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoPreSharedIdentity Property (OAuthClient Component)

Specifies the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.

Syntax

__property String ConnInfoPreSharedIdentity = { read=FConnInfoPreSharedIdentity };

Default Value

""

Remarks

Specifies the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.

This property is read-only and not available at design time.

Data Type

String

ConnInfoPreSharedIdentityHint Property (OAuthClient Component)

A hint professed by the server to help the client select the PSK identity to use.

Syntax

__property String ConnInfoPreSharedIdentityHint = { read=FConnInfoPreSharedIdentityHint };

Default Value

""

Remarks

A hint professed by the server to help the client select the PSK identity to use.

This property is read-only and not available at design time.

Data Type

String

ConnInfoPublicKeyBits Property (OAuthClient Component)

The length of the public key.

Syntax

__property int ConnInfoPublicKeyBits = { read=FConnInfoPublicKeyBits };

Default Value

0

Remarks

The length of the public key.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoRemoteAddress Property (OAuthClient Component)

The client's IP address.

Syntax

__property String ConnInfoRemoteAddress = { read=FConnInfoRemoteAddress };

Default Value

""

Remarks

The client's IP address.

This property is read-only and not available at design time.

Data Type

String

ConnInfoRemotePort Property (OAuthClient Component)

The remote port of the client connection.

Syntax

__property int ConnInfoRemotePort = { read=FConnInfoRemotePort };

Default Value

0

Remarks

The remote port of the client connection.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoResumedSession Property (OAuthClient Component)

Indicates whether a TLS-enabled connection was spawned from another TLS connection.

Syntax

__property bool ConnInfoResumedSession = { read=FConnInfoResumedSession };

Default Value

false

Remarks

Indicates whether a TLS-enabled connection was spawned from another TLS connection

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoSecureConnection Property (OAuthClient Component)

Indicates whether TLS or SSL is enabled for this connection.

Syntax

__property bool ConnInfoSecureConnection = { read=FConnInfoSecureConnection };

Default Value

false

Remarks

Indicates whether TLS or SSL is enabled for this connection.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoServerAuthenticated Property (OAuthClient Component)

Indicates whether server authentication was performed during a TLS-enabled connection.

Syntax

__property bool ConnInfoServerAuthenticated = { read=FConnInfoServerAuthenticated };

Default Value

false

Remarks

Indicates whether server authentication was performed during a TLS-enabled connection.

This property is read-only and not available at design time.

Data Type

Boolean

ConnInfoSignatureAlgorithm Property (OAuthClient Component)

The signature algorithm used in a TLS handshake.

Syntax

__property String ConnInfoSignatureAlgorithm = { read=FConnInfoSignatureAlgorithm };

Default Value

""

Remarks

The signature algorithm used in a TLS handshake.

This property is read-only and not available at design time.

Data Type

String

ConnInfoSymmetricBlockSize Property (OAuthClient Component)

The block size of the symmetric algorithm used.

Syntax

__property int ConnInfoSymmetricBlockSize = { read=FConnInfoSymmetricBlockSize };

Default Value

0

Remarks

The block size of the symmetric algorithm used.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoSymmetricKeyBits Property (OAuthClient Component)

The key length of the symmetric algorithm used.

Syntax

__property int ConnInfoSymmetricKeyBits = { read=FConnInfoSymmetricKeyBits };

Default Value

0

Remarks

The key length of the symmetric algorithm used.

This property is read-only and not available at design time.

Data Type

Integer

ConnInfoTotalBytesReceived Property (OAuthClient Component)

The total number of bytes received over this connection.

Syntax

__property __int64 ConnInfoTotalBytesReceived = { read=FConnInfoTotalBytesReceived };

Default Value

0

Remarks

The total number of bytes received over this connection.

This property is read-only and not available at design time.

Data Type

Long64

ConnInfoTotalBytesSent Property (OAuthClient Component)

The total number of bytes sent over this connection.

Syntax

__property __int64 ConnInfoTotalBytesSent = { read=FConnInfoTotalBytesSent };

Default Value

0

Remarks

The total number of bytes sent over this connection.

This property is read-only and not available at design time.

Data Type

Long64

ConnInfoValidationLog Property (OAuthClient Component)

Contains the server certificate's chain validation log.

Syntax

__property String ConnInfoValidationLog = { read=FConnInfoValidationLog };

Default Value

""

Remarks

Contains the server certificate's chain validation log. This information may be very useful in investigating chain validation failures.

This property is read-only and not available at design time.

Data Type

String

ConnInfoVersion Property (OAuthClient Component)

Indicates the version of SSL/TLS protocol negotiated during this connection.

Syntax

__property String ConnInfoVersion = { read=FConnInfoVersion };

Default Value

""

Remarks

Indicates the version of SSL/TLS protocol negotiated during this connection.

This property is read-only and not available at design time.

Data Type

String

CustomParamCount Property (OAuthClient Component)

The number of records in the CustomParams arrays.

Syntax

__property int CustomParamCount = { read=FCustomParamCount, write=FSetCustomParamCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• CustomParamsCategory
• CustomParamsFormat
• CustomParamsName
• CustomParamsValue

The array indices start at 0 and end at CustomParamCount - 1.

This property is not available at design time.

Data Type

Integer

CustomParamsCategory Property (OAuthClient Component)

Specifies the string category of the contained value.

Syntax

__property String CustomParamsCategory[int CustomParamIndex] = { read=FCustomParamsCategory, write=FSetCustomParamsCategory };

Default Value

""

Remarks

Specifies the string category of the contained value.

This property allows to check or set the category (or type) associated with the contained value. Depending on the format used to load or save the string, the category parameter may or may not be used.

For example, for ASN.1 property lists the category contains the ASN.1 tag of the contained data (OCTETSTRING, UTF8STRING, INTEGER, ...). For basic (name, value) pairs, such as HTTP headers, the category parameter is not used.

The CustomParamIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CustomParamCount property.

This property is not available at design time.

Data Type

String

CustomParamsFormat Property (OAuthClient Component)

Specifies the format (encoding) of the value contained in the Value property.

Syntax

__property int CustomParamsFormat[int CustomParamIndex] = { read=FCustomParamsFormat, write=FSetCustomParamsFormat };

Default Value

0

Remarks

Specifies the format (encoding) of the value contained in the CustomParamsValue property.

Use this property to check or set the format of the contained value. Remember to provide the actual value in the appropriate format that matches this setting: utils.NameValuePairs[0].Name = "key"; utils.NameValuePairs[0].Format = svfBinary; utils.NameValuePairs[0].Name = "0a1b2c3d4e5f6071";

The following formats are currently supported:

The CustomParamIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CustomParamCount property.

This property is not available at design time.

Data Type

Integer

CustomParamsName Property (OAuthClient Component)

The name element in a (name, value) pair.

Syntax

__property String CustomParamsName[int CustomParamIndex] = { read=FCustomParamsName, write=FSetCustomParamsName };

Default Value

""

Remarks

The name element in a (name, value) pair.

The CustomParamIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CustomParamCount property.

This property is not available at design time.

Data Type

String

CustomParamsValue Property (OAuthClient Component)

The value element in a (name, value) pair.

Syntax

__property String CustomParamsValue[int CustomParamIndex] = { read=FCustomParamsValue, write=FSetCustomParamsValue };

Default Value

""

Remarks

The value element in a (name, value) pair.

The CustomParamIndex parameter specifies the index of the item in the array. The size of the array is controlled by the CustomParamCount property.

This property is not available at design time.

Data Type

String

ExpiresAt Property (OAuthClient Component)

The expiration time of access token.

Syntax

__property String ExpiresAt = { read=FExpiresAt, write=FSetExpiresAt };

Default Value

""

Remarks

Use this property to check the expiration time of AccessToken.

This property is not available at design time.

Data Type

String

ExpiresIn Property (OAuthClient Component)

Returns access token lifetime in seconds.

Syntax

__property int ExpiresIn = { read=FExpiresIn };

Default Value

0

Remarks

Use this property to get the AccessToken lifetime in seconds. This value is returned by the authorization server together with the access token. To check the token's expiration moment, use ExpiresAt property.

This property is read-only and not available at design time.

Data Type

Integer

ExternalCryptoAsyncDocumentID Property (OAuthClient Component)

Specifies an optional document ID for SignAsyncBegin() and SignAsyncEnd() calls.

Syntax

__property String ExternalCryptoAsyncDocumentID = { read=FExternalCryptoAsyncDocumentID, write=FSetExternalCryptoAsyncDocumentID };

Default Value

""

Remarks

Specifies an optional document ID for SignAsyncBegin() and SignAsyncEnd() calls.

Use this property when working with multi-signature DCAuth requests and responses to uniquely identify documents signed within a larger batch. On the completion stage, this value helps the signing component identify the correct signature in the returned batch of responses.

If using batched requests, make sure to set this property to the same value on both the pre-signing (SignAsyncBegin) and completion (SignAsyncEnd) stages.

Data Type

String

ExternalCryptoCustomParams Property (OAuthClient Component)

Custom parameters to be passed to the signing service (uninterpreted).

Syntax

__property String ExternalCryptoCustomParams = { read=FExternalCryptoCustomParams, write=FSetExternalCryptoCustomParams };

Default Value

""

Remarks

Custom parameters to be passed to the signing service (uninterpreted).

This property is not available at design time.

Data Type

String

ExternalCryptoData Property (OAuthClient Component)

Additional data to be included in the async state and mirrored back by the requestor.

Syntax

__property String ExternalCryptoData = { read=FExternalCryptoData, write=FSetExternalCryptoData };

Default Value

""

Remarks

Additional data to be included in the async state and mirrored back by the requestor.

This property is not available at design time.

Data Type

String

ExternalCryptoExternalHashCalculation Property (OAuthClient Component)

Specifies whether the message hash is to be calculated at the external endpoint.

Syntax

__property bool ExternalCryptoExternalHashCalculation = { read=FExternalCryptoExternalHashCalculation, write=FSetExternalCryptoExternalHashCalculation };

Default Value

false

Remarks

Specifies whether the message hash is to be calculated at the external endpoint. Please note that this mode is not supported by the DCAuth component.

If set to true, the component will pass a few kilobytes of to-be-signed data from the document to the OnExternalSign event. This only applies when SignExternal() is called.

Data Type

Boolean

ExternalCryptoHashAlgorithm Property (OAuthClient Component)

Specifies the request's signature hash algorithm.

Syntax

__property String ExternalCryptoHashAlgorithm = { read=FExternalCryptoHashAlgorithm, write=FSetExternalCryptoHashAlgorithm };

Default Value

"SHA256"

Remarks

Specifies the request's signature hash algorithm.

Data Type

String

ExternalCryptoKeyID Property (OAuthClient Component)

The ID of the pre-shared key used for DC request authentication.

Syntax

__property String ExternalCryptoKeyID = { read=FExternalCryptoKeyID, write=FSetExternalCryptoKeyID };

Default Value

""

Remarks

The ID of the pre-shared key used for DC request authentication.

Asynchronous DCAuth-driven communication requires that parties authenticate each other with a secret pre-shared cryptographic key. This provides an extra protection layer for the protocol and diminishes the risk of the private key becoming abused by foreign parties. Use this property to provide the pre-shared key identifier, and use ExternalCryptoKeySecret to pass the key itself.

The same KeyID/KeySecret pair should be used on the DCAuth side for the signing requests to be accepted.

Note: The KeyID/KeySecret scheme is very similar to the AuthKey scheme used in various Cloud service providers to authenticate users.

Example: signer.ExternalCrypto.KeyID = "MainSigningKey"; signer.ExternalCrypto.KeySecret = "abcdef0123456789";

Data Type

String

ExternalCryptoKeySecret Property (OAuthClient Component)

The pre-shared key used for DC request authentication.

Syntax

__property String ExternalCryptoKeySecret = { read=FExternalCryptoKeySecret, write=FSetExternalCryptoKeySecret };

Default Value

""

Remarks

The pre-shared key used for DC request authentication. This key must be set and match the key used by the DCAuth counterpart for the scheme to work.

Read more about configuring authentication in the ExternalCryptoKeyID topic.

Data Type

String

ExternalCryptoMethod Property (OAuthClient Component)

Specifies the asynchronous signing method.

Syntax

__property TsbxOAuthClientExternalCryptoMethods ExternalCryptoMethod = { read=FExternalCryptoMethod, write=FSetExternalCryptoMethod };

enum TsbxOAuthClientExternalCryptoMethods {
  asmdPKCS1=0,
  asmdPKCS7=1
};

Default Value

asmdPKCS1

Remarks

Specifies the asynchronous signing method. This is typically defined by the DC server capabilities and setup.

Available options:

Data Type

Integer

ExternalCryptoMode Property (OAuthClient Component)

Specifies the external cryptography mode.

Syntax

__property TsbxOAuthClientExternalCryptoModes ExternalCryptoMode = { read=FExternalCryptoMode, write=FSetExternalCryptoMode };

enum TsbxOAuthClientExternalCryptoModes {
  ecmDefault=0,
  ecmDisabled=1,
  ecmGeneric=2,
  ecmDCAuth=3,
  ecmDCAuthJSON=4
};

Default Value

ecmDefault

Remarks

Specifies the external cryptography mode.

Available options:

This property is not available at design time.

Data Type

Integer

ExternalCryptoPublicKeyAlgorithm Property (OAuthClient Component)

Provide the public key algorithm here if the certificate is not available on the pre-signing stage.

Syntax

__property String ExternalCryptoPublicKeyAlgorithm = { read=FExternalCryptoPublicKeyAlgorithm, write=FSetExternalCryptoPublicKeyAlgorithm };

Default Value

""

Remarks

Provide the public key algorithm here if the certificate is not available on the pre-signing stage.

Data Type

String

FailureResponse Property (OAuthClient Component)

The web page showed to the user by the component on authorization failure.

Syntax

__property String FailureResponse = { read=FFailureResponse, write=FSetFailureResponse };

Default Value

""

Remarks

This property contains the html of the web page to be shown on authorization failure.

Data Type

String

FIPSMode Property (OAuthClient Component)

Reserved.

Syntax

__property bool FIPSMode = { read=FFIPSMode, write=FSetFIPSMode };

Default Value

false

Remarks

This property is reserved for future use.

Data Type

Boolean

GrantType Property (OAuthClient Component)

Specifies which protocol flow should be used to authorize the user.

Syntax

__property TsbxOAuthClientGrantTypes GrantType = { read=FGrantType, write=FSetGrantType };

enum TsbxOAuthClientGrantTypes {
  ogtAuthorizationCode=0,
  ogtImplicit=1,
  ogtPasswordCredentials=2,
  ogtClientCredentials=3,
  ogtHybridIdToken=4,
  ogtHybridToken=5,
  ogtHybridAll=6
};

Default Value

ogtAuthorizationCode

Remarks

Use this property to specify the authorization protocol to use.

Data Type

Integer

GrantTypeString Property (OAuthClient Component)

Used to set a custom grant type string.

Syntax

__property String GrantTypeString = { read=FGrantTypeString, write=FSetGrantTypeString };

Default Value

""

Remarks

This setting is used to set the grant_type parameter manually. This component will still consider the GrantType property to determine how it will function.

Data Type

String

IDToken Property (OAuthClient Component)

Contains the ID Token parameter for JWT.

Syntax

__property String IDToken = { read=FIDToken };

Default Value

""

Remarks

Use this property to get the id_token parameter (if any) than can be used for JWT operations.

This property is read-only and not available at design time.

Data Type

String

KeepAlivePolicy Property (OAuthClient Component)

Defines the keep-alive handling policy.

Syntax

__property TsbxOAuthClientKeepAlivePolicies KeepAlivePolicy = { read=FKeepAlivePolicy, write=FSetKeepAlivePolicy };

enum TsbxOAuthClientKeepAlivePolicies {
  ckapStandardDefined=0,
  ckapPreferKeepAlive=1,
  ckapRelyOnServer=2,
  ckapKeepAlivesDisabled=3
};

Default Value

ckapStandardDefined

Remarks

Use this property to tune-up the keep-alive mechanism as per the needs of your application.

Data Type

Integer

KnownCertCount Property (OAuthClient Component)

The number of records in the KnownCert arrays.

Syntax

__property int KnownCertCount = { read=FKnownCertCount, write=FSetKnownCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• KnownCertBytes
• KnownCertHandle

The array indices start at 0 and end at KnownCertCount - 1.

This property is not available at design time.

Data Type

Integer

KnownCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray KnownCertBytes[int KnownCertIndex] = { read=FKnownCertBytes };

Remarks

Returns the raw certificate data in DER format.

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

KnownCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 KnownCertHandle[int KnownCertIndex] = { read=FKnownCertHandle, write=FSetKnownCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The KnownCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCertCount property.

This property is not available at design time.

Data Type

Long64

KnownCRLCount Property (OAuthClient Component)

The number of records in the KnownCRL arrays.

Syntax

__property int KnownCRLCount = { read=FKnownCRLCount, write=FSetKnownCRLCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• KnownCRLBytes
• KnownCRLHandle

The array indices start at 0 and end at KnownCRLCount - 1.

This property is not available at design time.

Data Type

Integer

KnownCRLBytes Property (OAuthClient Component)

Returns the raw CRL data in DER format.

Syntax

__property DynamicArray KnownCRLBytes[int KnownCRLIndex] = { read=FKnownCRLBytes };

Remarks

Returns the raw CRL data in DER format.

The KnownCRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCRLCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

KnownCRLHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 KnownCRLHandle[int KnownCRLIndex] = { read=FKnownCRLHandle, write=FSetKnownCRLHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The KnownCRLIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownCRLCount property.

This property is not available at design time.

Data Type

Long64

KnownOCSPCount Property (OAuthClient Component)

The number of records in the KnownOCSP arrays.

Syntax

__property int KnownOCSPCount = { read=FKnownOCSPCount, write=FSetKnownOCSPCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• KnownOCSPBytes
• KnownOCSPHandle

The array indices start at 0 and end at KnownOCSPCount - 1.

This property is not available at design time.

Data Type

Integer

KnownOCSPBytes Property (OAuthClient Component)

A buffer containing the raw OCSP response data.

Syntax

__property DynamicArray KnownOCSPBytes[int KnownOCSPIndex] = { read=FKnownOCSPBytes };

Remarks

A buffer containing the raw OCSP response data.

The KnownOCSPIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownOCSPCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

KnownOCSPHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 KnownOCSPHandle[int KnownOCSPIndex] = { read=FKnownOCSPHandle, write=FSetKnownOCSPHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The KnownOCSPIndex parameter specifies the index of the item in the array. The size of the array is controlled by the KnownOCSPCount property.

This property is not available at design time.

Data Type

Long64

Password Property (OAuthClient Component)

The connecting user's authentication password.

Syntax

__property String Password = { read=FPassword, write=FSetPassword };

Default Value

""

Remarks

Assign the user's authentication password to this property. Use Username for username/login. The Username and Password properties are used only when GrantType is oauthPasswordCredentials.

Data Type

String

ProxyAddress Property (OAuthClient Component)

The IP address of the proxy server.

Syntax

__property String ProxyAddress = { read=FProxyAddress, write=FSetProxyAddress };

Default Value

""

Remarks

The IP address of the proxy server.

Data Type

String

ProxyAuthentication Property (OAuthClient Component)

The authentication type used by the proxy server.

Syntax

__property TsbxOAuthClientProxyAuthentications ProxyAuthentication = { read=FProxyAuthentication, write=FSetProxyAuthentication };

enum TsbxOAuthClientProxyAuthentications {
  patNoAuthentication=0,
  patBasic=1,
  patDigest=2,
  patNTLM=3
};

Default Value

patNoAuthentication

Remarks

The authentication type used by the proxy server.

Data Type

Integer

ProxyPassword Property (OAuthClient Component)

The password to authenticate to the proxy server.

Syntax

__property String ProxyPassword = { read=FProxyPassword, write=FSetProxyPassword };

Default Value

""

Remarks

The password to authenticate to the proxy server.

Data Type

String

ProxyPort Property (OAuthClient Component)

The port on the proxy server to connect to.

Syntax

__property int ProxyPort = { read=FProxyPort, write=FSetProxyPort };

Default Value

0

Remarks

The port on the proxy server to connect to.

Data Type

Integer

ProxyProxyType Property (OAuthClient Component)

The type of the proxy server.

Syntax

__property TsbxOAuthClientProxyProxyTypes ProxyProxyType = { read=FProxyProxyType, write=FSetProxyProxyType };

enum TsbxOAuthClientProxyProxyTypes {
  cptNone=0,
  cptSocks4=1,
  cptSocks5=2,
  cptWebTunnel=3,
  cptHTTP=4
};

Default Value

cptNone

Remarks

The type of the proxy server.

Data Type

Integer

ProxyRequestHeaders Property (OAuthClient Component)

Contains HTTP request headers for WebTunnel and HTTP proxy.

Syntax

__property String ProxyRequestHeaders = { read=FProxyRequestHeaders, write=FSetProxyRequestHeaders };

Default Value

""

Remarks

Contains HTTP request headers for WebTunnel and HTTP proxy.

Data Type

String

ProxyResponseBody Property (OAuthClient Component)

Contains the HTTP or HTTPS (WebTunnel) proxy response body.

Syntax

__property String ProxyResponseBody = { read=FProxyResponseBody, write=FSetProxyResponseBody };

Default Value

""

Remarks

Contains the HTTP or HTTPS (WebTunnel) proxy response body.

Data Type

String

ProxyResponseHeaders Property (OAuthClient Component)

Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server.

Syntax

__property String ProxyResponseHeaders = { read=FProxyResponseHeaders, write=FSetProxyResponseHeaders };

Default Value

""

Remarks

Contains response headers received from an HTTP or HTTPS (WebTunnel) proxy server.

Data Type

String

ProxyUseIPv6 Property (OAuthClient Component)

Specifies whether IPv6 should be used when connecting through the proxy.

Syntax

__property bool ProxyUseIPv6 = { read=FProxyUseIPv6, write=FSetProxyUseIPv6 };

Default Value

false

Remarks

Specifies whether IPv6 should be used when connecting through the proxy.

Data Type

Boolean

ProxyUsername Property (OAuthClient Component)

Specifies the username credential for proxy authentication.

Syntax

__property String ProxyUsername = { read=FProxyUsername, write=FSetProxyUsername };

Default Value

""

Remarks

Specifies the username credential for proxy authentication.

Data Type

String

RedirectURL Property (OAuthClient Component)

The URL where the user is redirected after authorization.

Syntax

__property String RedirectURL = { read=FRedirectURL, write=FSetRedirectURL };

Default Value

""

Remarks

Use this property to specify the URL on which the local HTTP server should open the listening port and wait for response from the authorization server. When the port number is explicitly specified, e.g., "http://localhost:5050/", the application has to be allowed to open a listening socket on that port.

HTTPS redirects support

Services increasingly require that redirects are made to HTTPS-enabled endpoints (e.g. "https://localhost:5050/"). OAuthClient does support them, but you are expected to do a little tuneup to be able to handle them.

What you need to do is set up the TLS server certificate that the OAuth receiver will be presenting to the user's web browser. The certificate is an integral part of the TLS handshake process. You can provide the certificate to the component using the AddLocalServerCertificate or AddLocalServerCertificateFromFile actions. See DoAction for the details.

The provided TLS certificate must contain a matching private key. You can generate the certificate using the CertificateManager component, or third-party software such as OpenSSL. Note that some browsers no longer accept self-signed TLS certificates, which typically means that you need to generate and set up a pair of certificates (the self-signed root certificate and the subordinate web server certificate) to make your receiver work with such browsers.

Data Type

String

RedirectURLCertCount Property (OAuthClient Component)

The number of records in the RedirectURLCert arrays.

Syntax

__property int RedirectURLCertCount = { read=FRedirectURLCertCount, write=FSetRedirectURLCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• RedirectURLCertBytes
• RedirectURLCertHandle

The array indices start at 0 and end at RedirectURLCertCount - 1.

This property is not available at design time.

Data Type

Integer

RedirectURLCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray RedirectURLCertBytes[int RedirectURLCertIndex] = { read=FRedirectURLCertBytes };

Remarks

Returns the raw certificate data in DER format.

The RedirectURLCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the RedirectURLCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

RedirectURLCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 RedirectURLCertHandle[int RedirectURLCertIndex] = { read=FRedirectURLCertHandle, write=FSetRedirectURLCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The RedirectURLCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the RedirectURLCertCount property.

This property is not available at design time.

Data Type

Long64

RefreshToken Property (OAuthClient Component)

The refresh token, to be used to automatically obtain new access token.

Syntax

__property String RefreshToken = { read=FRefreshToken, write=FSetRefreshToken };

Default Value

""

Remarks

The refresh token is used to obtain new AccessToken without user authentication.

Data Type

String

Scope Property (OAuthClient Component)

The scope of the request to be authorized.

Syntax

__property String Scope = { read=FScope, write=FSetScope };

Default Value

""

Remarks

Use this property to specify the scope of the request to the protected resource.

Data Type

String

SocketDNSMode Property (OAuthClient Component)

Selects the DNS resolver to use: the component's (secure) built-in one, or the one provided by the system.

Syntax

__property TsbxOAuthClientSocketDNSModes SocketDNSMode = { read=FSocketDNSMode, write=FSetSocketDNSMode };

enum TsbxOAuthClientSocketDNSModes {
  dmAuto=0,
  dmPlatform=1,
  dmOwn=2,
  dmOwnSecure=3
};

Default Value

dmAuto

Remarks

Selects the DNS resolver to use: the component's (secure) built-in one, or the one provided by the system.

Data Type

Integer

SocketDNSPort Property (OAuthClient Component)

Specifies the port number to be used for sending queries to the DNS server.

Syntax

__property int SocketDNSPort = { read=FSocketDNSPort, write=FSetSocketDNSPort };

Default Value

0

Remarks

Specifies the port number to be used for sending queries to the DNS server.

Data Type

Integer

SocketDNSQueryTimeout Property (OAuthClient Component)

The timeout (in milliseconds) for each DNS query.

Syntax

__property int SocketDNSQueryTimeout = { read=FSocketDNSQueryTimeout, write=FSetSocketDNSQueryTimeout };

Default Value

0

Remarks

The timeout (in milliseconds) for each DNS query. The value of 0 indicates an infinite timeout.

Data Type

Integer

SocketDNSServers Property (OAuthClient Component)

The addresses of DNS servers to use for address resolution, separated by commas or semicolons.

Syntax

__property String SocketDNSServers = { read=FSocketDNSServers, write=FSetSocketDNSServers };

Default Value

""

Remarks

The addresses of DNS servers to use for address resolution, separated by commas or semicolons.

Data Type

String

SocketDNSTotalTimeout Property (OAuthClient Component)

The timeout (in milliseconds) for the whole resolution process.

Syntax

__property int SocketDNSTotalTimeout = { read=FSocketDNSTotalTimeout, write=FSetSocketDNSTotalTimeout };

Default Value

0

Remarks

The timeout (in milliseconds) for the whole resolution process. The value of 0 indicates an infinite timeout.

Data Type

Integer

SocketIncomingSpeedLimit Property (OAuthClient Component)

The maximum number of bytes to read from the socket, per second.

Syntax

__property int SocketIncomingSpeedLimit = { read=FSocketIncomingSpeedLimit, write=FSetSocketIncomingSpeedLimit };

Default Value

0

Remarks

The maximum number of bytes to read from the socket, per second.

Data Type

Integer

SocketLocalAddress Property (OAuthClient Component)

The local network interface to bind the socket to.

Syntax

__property String SocketLocalAddress = { read=FSocketLocalAddress, write=FSetSocketLocalAddress };

Default Value

""

Remarks

The local network interface to bind the socket to.

Data Type

String

SocketLocalPort Property (OAuthClient Component)

The local port number to bind the socket to.

Syntax

__property int SocketLocalPort = { read=FSocketLocalPort, write=FSetSocketLocalPort };

Default Value

0

Remarks

The local port number to bind the socket to.

Data Type

Integer

SocketOutgoingSpeedLimit Property (OAuthClient Component)

The maximum number of bytes to write to the socket, per second.

Syntax

__property int SocketOutgoingSpeedLimit = { read=FSocketOutgoingSpeedLimit, write=FSetSocketOutgoingSpeedLimit };

Default Value

0

Remarks

The maximum number of bytes to write to the socket, per second.

Data Type

Integer

SocketTimeout Property (OAuthClient Component)

The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful.

Syntax

__property int SocketTimeout = { read=FSocketTimeout, write=FSetSocketTimeout };

Default Value

60000

Remarks

The maximum period of waiting, in milliseconds, after which the socket operation is considered unsuccessful.

If Timeout is set to 0, a socket operation will expire after the system-default timeout (2 hrs 8 min for TCP stack).

Data Type

Integer

SocketUseIPv6 Property (OAuthClient Component)

Enables or disables IP protocol version 6.

Syntax

__property bool SocketUseIPv6 = { read=FSocketUseIPv6, write=FSetSocketUseIPv6 };

Default Value

false

Remarks

Enables or disables IP protocol version 6.

Data Type

Boolean

State Property (OAuthClient Component)

Specifies the state parameter of the authorization request or response.

Syntax

__property String State = { read=FState, write=FSetState };

Default Value

""

Remarks

This parameter contains an opaque value used by the client to maintain state between the request and callback. If this parameter was present in the authorization request, the server should include the same value in its response.

Data Type

String

SuccessResponse Property (OAuthClient Component)

The web page showed to the user by the component on authorization success.

Syntax

__property String SuccessResponse = { read=FSuccessResponse, write=FSetSuccessResponse };

Default Value

""

Remarks

This property contains the html of the web page to be shown on authorization success.

Data Type

String

Timeout Property (OAuthClient Component)

Specifies waiting timeout (in milliseconds).

Syntax

__property int Timeout = { read=FTimeout, write=FSetTimeout };

Default Value

120000

Remarks

This property specifies the timeout (in milliseconds) to wait for server's response.

Data Type

Integer

TLSClientCertCount Property (OAuthClient Component)

The number of records in the TLSClientCert arrays.

Syntax

__property int TLSClientCertCount = { read=FTLSClientCertCount, write=FSetTLSClientCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• TLSClientCertBytes
• TLSClientCertHandle

The array indices start at 0 and end at TLSClientCertCount - 1.

This property is not available at design time.

Data Type

Integer

TLSClientCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray TLSClientCertBytes[int TLSClientCertIndex] = { read=FTLSClientCertBytes };

Remarks

Returns the raw certificate data in DER format.

The TLSClientCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSClientCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

TLSClientCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 TLSClientCertHandle[int TLSClientCertIndex] = { read=FTLSClientCertHandle, write=FSetTLSClientCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The TLSClientCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSClientCertCount property.

This property is not available at design time.

Data Type

Long64

TLSServerCertCount Property (OAuthClient Component)

The number of records in the TLSServerCert arrays.

Syntax

__property int TLSServerCertCount = { read=FTLSServerCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• TLSServerCertBytes
• TLSServerCertFingerprint
• TLSServerCertHandle
• TLSServerCertIssuer
• TLSServerCertIssuerRDN
• TLSServerCertKeyAlgorithm
• TLSServerCertKeyBits
• TLSServerCertKeyUsage
• TLSServerCertSelfSigned
• TLSServerCertSerialNumber
• TLSServerCertSigAlgorithm
• TLSServerCertSubject
• TLSServerCertSubjectRDN
• TLSServerCertValidFrom
• TLSServerCertValidTo

The array indices start at 0 and end at TLSServerCertCount - 1.

This property is read-only and not available at design time.

Data Type

Integer

TLSServerCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray TLSServerCertBytes[int TLSServerCertIndex] = { read=FTLSServerCertBytes };

Remarks

Returns the raw certificate data in DER format.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

TLSServerCertFingerprint Property (OAuthClient Component)

Contains the fingerprint (a hash imprint) of this certificate.

Syntax

__property String TLSServerCertFingerprint[int TLSServerCertIndex] = { read=FTLSServerCertFingerprint };

Default Value

""

Remarks

Contains the fingerprint (a hash imprint) of this certificate.

While there is no formal standard defining what a fingerprint is, a SHA1 hash of the certificate's DER-encoded body is typically used.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 TLSServerCertHandle[int TLSServerCertIndex] = { read=FTLSServerCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Long64

TLSServerCertIssuer Property (OAuthClient Component)

The common name of the certificate issuer (CA), typically a company name.

Syntax

__property String TLSServerCertIssuer[int TLSServerCertIndex] = { read=FTLSServerCertIssuer };

Default Value

""

Remarks

The common name of the certificate issuer (CA), typically a company name. This is part of a larger set of credentials available via TLSIssuerRDN.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertIssuerRDN Property (OAuthClient Component)

A list of Property=Value pairs that uniquely identify the certificate issuer.

Syntax

__property String TLSServerCertIssuerRDN[int TLSServerCertIndex] = { read=FTLSServerCertIssuerRDN };

Default Value

""

Remarks

A list of Property=Value pairs that uniquely identify the certificate issuer.

Example: /C=US/O=Nationwide CA/CN=Web Certification Authority

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertKeyAlgorithm Property (OAuthClient Component)

Specifies the public key algorithm of this certificate.

Syntax

__property String TLSServerCertKeyAlgorithm[int TLSServerCertIndex] = { read=FTLSServerCertKeyAlgorithm };

Default Value

"0"

Remarks

Specifies the public key algorithm of this certificate.

Use the TLSKeyBits, TLSCurve, and TLSPublicKeyBytes properties to get more details about the key the certificate contains.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertKeyBits Property (OAuthClient Component)

Returns the length of the public key in bits.

Syntax

__property int TLSServerCertKeyBits[int TLSServerCertIndex] = { read=FTLSServerCertKeyBits };

Default Value

0

Remarks

Returns the length of the public key in bits.

This value indicates the length of the principal cryptographic parameter of the key, such as the length of the RSA modulus or ECDSA field. The key data returned by the TLSPublicKeyBytes or TLSPrivateKeyBytes property would typically contain auxiliary values, and therefore be longer.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

TLSServerCertKeyUsage Property (OAuthClient Component)

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

Syntax

__property int TLSServerCertKeyUsage[int TLSServerCertIndex] = { read=FTLSServerCertKeyUsage };

Default Value

0

Remarks

Indicates the purposes of the key contained in the certificate, in the form of an OR'ed flag set.

This value is a bit mask of the following values:

Set this property before generating the certificate to propagate the key usage flags to the new certificate.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Integer

TLSServerCertSelfSigned Property (OAuthClient Component)

Indicates whether the certificate is self-signed (root) or signed by an external CA.

Syntax

__property bool TLSServerCertSelfSigned[int TLSServerCertIndex] = { read=FTLSServerCertSelfSigned };

Default Value

false

Remarks

Indicates whether the certificate is self-signed (root) or signed by an external CA.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Boolean

TLSServerCertSerialNumber Property (OAuthClient Component)

Returns the certificate's serial number.

Syntax

__property DynamicArray TLSServerCertSerialNumber[int TLSServerCertIndex] = { read=FTLSServerCertSerialNumber };

Remarks

Returns the certificate's serial number.

The serial number is a binary string that uniquely identifies a certificate among others issued by the same CA. According to the X.509 standard, the (issuer, serial number) pair should be globally unique to facilitate chain building.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

TLSServerCertSigAlgorithm Property (OAuthClient Component)

Indicates the algorithm that was used by the CA to sign this certificate.

Syntax

__property String TLSServerCertSigAlgorithm[int TLSServerCertIndex] = { read=FTLSServerCertSigAlgorithm };

Default Value

""

Remarks

Indicates the algorithm that was used by the CA to sign this certificate.

A signature algorithm typically combines hash and public key algorithms together, such as sha256WithRSAEncryption or ecdsa-with-SHA256.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertSubject Property (OAuthClient Component)

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name.

Syntax

__property String TLSServerCertSubject[int TLSServerCertIndex] = { read=FTLSServerCertSubject };

Default Value

""

Remarks

The common name of the certificate holder, typically an individual's name, a URL, an e-mail address, or a company name. This is part of a larger set of credentials available via TLSSubjectRDN.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertSubjectRDN Property (OAuthClient Component)

A list of Property=Value pairs that uniquely identify the certificate holder (subject).

Syntax

__property String TLSServerCertSubjectRDN[int TLSServerCertIndex] = { read=FTLSServerCertSubjectRDN };

Default Value

""

Remarks

A list of Property=Value pairs that uniquely identify the certificate holder (subject).

Depending on the purpose of the certificate and the policies of the CA that issued it, the values included in the subject record may differ drastically and contain business or personal names, web URLs, email addresses, and other data.

Example: /C=US/O=Oranges and Apples, Inc./OU=Accounts Receivable/1.2.3.4.5=Value with unknown OID/CN=Margaret Watkins.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertValidFrom Property (OAuthClient Component)

The time point at which the certificate becomes valid, in UTC.

Syntax

__property String TLSServerCertValidFrom[int TLSServerCertIndex] = { read=FTLSServerCertValidFrom };

Default Value

""

Remarks

The time point at which the certificate becomes valid, in UTC.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSServerCertValidTo Property (OAuthClient Component)

The time point at which the certificate expires, in UTC.

Syntax

__property String TLSServerCertValidTo[int TLSServerCertIndex] = { read=FTLSServerCertValidTo };

Default Value

""

Remarks

The time point at which the certificate expires, in UTC.

The TLSServerCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TLSServerCertCount property.

This property is read-only and not available at design time.

Data Type

String

TLSAutoValidateCertificates Property (OAuthClient Component)

Specifies whether server-side TLS certificates should be validated automatically using internal validation rules.

Syntax

__property bool TLSAutoValidateCertificates = { read=FTLSAutoValidateCertificates, write=FSetTLSAutoValidateCertificates };

Default Value

true

Remarks

Specifies whether server-side TLS certificates should be validated automatically using internal validation rules.

Data Type

Boolean

TLSBaseConfiguration Property (OAuthClient Component)

Selects the base configuration for the TLS settings.

Syntax

__property TsbxOAuthClientTLSBaseConfigurations TLSBaseConfiguration = { read=FTLSBaseConfiguration, write=FSetTLSBaseConfiguration };

enum TsbxOAuthClientTLSBaseConfigurations {
  stpcDefault=0,
  stpcCompatible=1,
  stpcComprehensiveInsecure=2,
  stpcHighlySecure=3
};

Default Value

stpcDefault

Remarks

Selects the base configuration for the TLS settings. Several profiles are offered and tuned up for different purposes, such as high security or higher compatibility.

Data Type

Integer

TLSCiphersuites Property (OAuthClient Component)

A list of ciphersuites separated with commas or semicolons.

Syntax

__property String TLSCiphersuites = { read=FTLSCiphersuites, write=FSetTLSCiphersuites };

Default Value

""

Remarks

A list of ciphersuites separated with commas or semicolons. Each ciphersuite in the list may be prefixed with a minus sign (-) to indicate that the ciphersuite should be disabled rather than enabled. Besides the specific ciphersuite modifiers, this property supports the all (and -all) aliases, allowing all ciphersuites to be blanketly enabled or disabled at once.

Note: the list of ciphersuites provided to this property alters the baseline list of ciphersuites as defined by TLSBaseConfiguration. Remember to start your ciphersuite string with -all; if you need to only enable a specific fixed set of ciphersuites. The list of supported ciphersuites is provided below:

• NULL_NULL_NULL
• RSA_NULL_MD5
• RSA_NULL_SHA
• RSA_RC4_MD5
• RSA_RC4_SHA
• RSA_RC2_MD5
• RSA_IDEA_MD5
• RSA_IDEA_SHA
• RSA_DES_MD5
• RSA_DES_SHA
• RSA_3DES_MD5
• RSA_3DES_SHA
• RSA_AES128_SHA
• RSA_AES256_SHA
• DH_DSS_DES_SHA
• DH_DSS_3DES_SHA
• DH_DSS_AES128_SHA
• DH_DSS_AES256_SHA
• DH_RSA_DES_SHA
• DH_RSA_3DES_SHA
• DH_RSA_AES128_SHA
• DH_RSA_AES256_SHA
• DHE_DSS_DES_SHA
• DHE_DSS_3DES_SHA
• DHE_DSS_AES128_SHA
• DHE_DSS_AES256_SHA
• DHE_RSA_DES_SHA
• DHE_RSA_3DES_SHA
• DHE_RSA_AES128_SHA
• DHE_RSA_AES256_SHA
• DH_ANON_RC4_MD5
• DH_ANON_DES_SHA
• DH_ANON_3DES_SHA
• DH_ANON_AES128_SHA
• DH_ANON_AES256_SHA
• RSA_RC2_MD5_EXPORT
• RSA_RC4_MD5_EXPORT
• RSA_DES_SHA_EXPORT
• DH_DSS_DES_SHA_EXPORT
• DH_RSA_DES_SHA_EXPORT
• DHE_DSS_DES_SHA_EXPORT
• DHE_RSA_DES_SHA_EXPORT
• DH_ANON_RC4_MD5_EXPORT
• DH_ANON_DES_SHA_EXPORT
• RSA_CAMELLIA128_SHA
• DH_DSS_CAMELLIA128_SHA
• DH_RSA_CAMELLIA128_SHA
• DHE_DSS_CAMELLIA128_SHA
• DHE_RSA_CAMELLIA128_SHA
• DH_ANON_CAMELLIA128_SHA
• RSA_CAMELLIA256_SHA
• DH_DSS_CAMELLIA256_SHA
• DH_RSA_CAMELLIA256_SHA
• DHE_DSS_CAMELLIA256_SHA
• DHE_RSA_CAMELLIA256_SHA
• DH_ANON_CAMELLIA256_SHA
• PSK_RC4_SHA
• PSK_3DES_SHA
• PSK_AES128_SHA
• PSK_AES256_SHA
• DHE_PSK_RC4_SHA
• DHE_PSK_3DES_SHA
• DHE_PSK_AES128_SHA
• DHE_PSK_AES256_SHA
• RSA_PSK_RC4_SHA
• RSA_PSK_3DES_SHA
• RSA_PSK_AES128_SHA
• RSA_PSK_AES256_SHA
• RSA_SEED_SHA
• DH_DSS_SEED_SHA
• DH_RSA_SEED_SHA
• DHE_DSS_SEED_SHA
• DHE_RSA_SEED_SHA
• DH_ANON_SEED_SHA
• SRP_SHA_3DES_SHA
• SRP_SHA_RSA_3DES_SHA
• SRP_SHA_DSS_3DES_SHA
• SRP_SHA_AES128_SHA
• SRP_SHA_RSA_AES128_SHA
• SRP_SHA_DSS_AES128_SHA
• SRP_SHA_AES256_SHA
• SRP_SHA_RSA_AES256_SHA
• SRP_SHA_DSS_AES256_SHA
• ECDH_ECDSA_NULL_SHA
• ECDH_ECDSA_RC4_SHA
• ECDH_ECDSA_3DES_SHA
• ECDH_ECDSA_AES128_SHA
• ECDH_ECDSA_AES256_SHA
• ECDHE_ECDSA_NULL_SHA
• ECDHE_ECDSA_RC4_SHA
• ECDHE_ECDSA_3DES_SHA
• ECDHE_ECDSA_AES128_SHA
• ECDHE_ECDSA_AES256_SHA
• ECDH_RSA_NULL_SHA
• ECDH_RSA_RC4_SHA
• ECDH_RSA_3DES_SHA
• ECDH_RSA_AES128_SHA
• ECDH_RSA_AES256_SHA
• ECDHE_RSA_NULL_SHA
• ECDHE_RSA_RC4_SHA
• ECDHE_RSA_3DES_SHA
• ECDHE_RSA_AES128_SHA
• ECDHE_RSA_AES256_SHA
• ECDH_ANON_NULL_SHA
• ECDH_ANON_RC4_SHA
• ECDH_ANON_3DES_SHA
• ECDH_ANON_AES128_SHA
• ECDH_ANON_AES256_SHA
• RSA_NULL_SHA256
• RSA_AES128_SHA256
• RSA_AES256_SHA256
• DH_DSS_AES128_SHA256
• DH_RSA_AES128_SHA256
• DHE_DSS_AES128_SHA256
• DHE_RSA_AES128_SHA256
• DH_DSS_AES256_SHA256
• DH_RSA_AES256_SHA256
• DHE_DSS_AES256_SHA256
• DHE_RSA_AES256_SHA256
• DH_ANON_AES128_SHA256
• DH_ANON_AES256_SHA256
• RSA_AES128_GCM_SHA256
• RSA_AES256_GCM_SHA384
• DHE_RSA_AES128_GCM_SHA256
• DHE_RSA_AES256_GCM_SHA384
• DH_RSA_AES128_GCM_SHA256
• DH_RSA_AES256_GCM_SHA384
• DHE_DSS_AES128_GCM_SHA256
• DHE_DSS_AES256_GCM_SHA384
• DH_DSS_AES128_GCM_SHA256
• DH_DSS_AES256_GCM_SHA384
• DH_ANON_AES128_GCM_SHA256
• DH_ANON_AES256_GCM_SHA384
• ECDHE_ECDSA_AES128_SHA256
• ECDHE_ECDSA_AES256_SHA384
• ECDH_ECDSA_AES128_SHA256
• ECDH_ECDSA_AES256_SHA384
• ECDHE_RSA_AES128_SHA256
• ECDHE_RSA_AES256_SHA384
• ECDH_RSA_AES128_SHA256
• ECDH_RSA_AES256_SHA384
• ECDHE_ECDSA_AES128_GCM_SHA256
• ECDHE_ECDSA_AES256_GCM_SHA384
• ECDH_ECDSA_AES128_GCM_SHA256
• ECDH_ECDSA_AES256_GCM_SHA384
• ECDHE_RSA_AES128_GCM_SHA256
• ECDHE_RSA_AES256_GCM_SHA384
• ECDH_RSA_AES128_GCM_SHA256
• ECDH_RSA_AES256_GCM_SHA384
• PSK_AES128_GCM_SHA256
• PSK_AES256_GCM_SHA384
• DHE_PSK_AES128_GCM_SHA256
• DHE_PSK_AES256_GCM_SHA384
• RSA_PSK_AES128_GCM_SHA256
• RSA_PSK_AES256_GCM_SHA384
• PSK_AES128_SHA256
• PSK_AES256_SHA384
• PSK_NULL_SHA256
• PSK_NULL_SHA384
• DHE_PSK_AES128_SHA256
• DHE_PSK_AES256_SHA384
• DHE_PSK_NULL_SHA256
• DHE_PSK_NULL_SHA384
• RSA_PSK_AES128_SHA256
• RSA_PSK_AES256_SHA384
• RSA_PSK_NULL_SHA256
• RSA_PSK_NULL_SHA384
• RSA_CAMELLIA128_SHA256
• DH_DSS_CAMELLIA128_SHA256
• DH_RSA_CAMELLIA128_SHA256
• DHE_DSS_CAMELLIA128_SHA256
• DHE_RSA_CAMELLIA128_SHA256
• DH_ANON_CAMELLIA128_SHA256
• RSA_CAMELLIA256_SHA256
• DH_DSS_CAMELLIA256_SHA256
• DH_RSA_CAMELLIA256_SHA256
• DHE_DSS_CAMELLIA256_SHA256
• DHE_RSA_CAMELLIA256_SHA256
• DH_ANON_CAMELLIA256_SHA256
• ECDHE_ECDSA_CAMELLIA128_SHA256
• ECDHE_ECDSA_CAMELLIA256_SHA384
• ECDH_ECDSA_CAMELLIA128_SHA256
• ECDH_ECDSA_CAMELLIA256_SHA384
• ECDHE_RSA_CAMELLIA128_SHA256
• ECDHE_RSA_CAMELLIA256_SHA384
• ECDH_RSA_CAMELLIA128_SHA256
• ECDH_RSA_CAMELLIA256_SHA384
• RSA_CAMELLIA128_GCM_SHA256
• RSA_CAMELLIA256_GCM_SHA384
• DHE_RSA_CAMELLIA128_GCM_SHA256
• DHE_RSA_CAMELLIA256_GCM_SHA384
• DH_RSA_CAMELLIA128_GCM_SHA256
• DH_RSA_CAMELLIA256_GCM_SHA384
• DHE_DSS_CAMELLIA128_GCM_SHA256
• DHE_DSS_CAMELLIA256_GCM_SHA384
• DH_DSS_CAMELLIA128_GCM_SHA256
• DH_DSS_CAMELLIA256_GCM_SHA384
• DH_anon_CAMELLIA128_GCM_SHA256
• DH_anon_CAMELLIA256_GCM_SHA384
• ECDHE_ECDSA_CAMELLIA128_GCM_SHA256
• ECDHE_ECDSA_CAMELLIA256_GCM_SHA384
• ECDH_ECDSA_CAMELLIA128_GCM_SHA256
• ECDH_ECDSA_CAMELLIA256_GCM_SHA384
• ECDHE_RSA_CAMELLIA128_GCM_SHA256
• ECDHE_RSA_CAMELLIA256_GCM_SHA384
• ECDH_RSA_CAMELLIA128_GCM_SHA256
• ECDH_RSA_CAMELLIA256_GCM_SHA384
• PSK_CAMELLIA128_GCM_SHA256
• PSK_CAMELLIA256_GCM_SHA384
• DHE_PSK_CAMELLIA128_GCM_SHA256
• DHE_PSK_CAMELLIA256_GCM_SHA384
• RSA_PSK_CAMELLIA128_GCM_SHA256
• RSA_PSK_CAMELLIA256_GCM_SHA384
• PSK_CAMELLIA128_SHA256
• PSK_CAMELLIA256_SHA384
• DHE_PSK_CAMELLIA128_SHA256
• DHE_PSK_CAMELLIA256_SHA384
• RSA_PSK_CAMELLIA128_SHA256
• RSA_PSK_CAMELLIA256_SHA384
• ECDHE_PSK_CAMELLIA128_SHA256
• ECDHE_PSK_CAMELLIA256_SHA384
• ECDHE_PSK_RC4_SHA
• ECDHE_PSK_3DES_SHA
• ECDHE_PSK_AES128_SHA
• ECDHE_PSK_AES256_SHA
• ECDHE_PSK_AES128_SHA256
• ECDHE_PSK_AES256_SHA384
• ECDHE_PSK_NULL_SHA
• ECDHE_PSK_NULL_SHA256
• ECDHE_PSK_NULL_SHA384
• ECDHE_RSA_CHACHA20_POLY1305_SHA256
• ECDHE_ECDSA_CHACHA20_POLY1305_SHA256
• DHE_RSA_CHACHA20_POLY1305_SHA256
• PSK_CHACHA20_POLY1305_SHA256
• ECDHE_PSK_CHACHA20_POLY1305_SHA256
• DHE_PSK_CHACHA20_POLY1305_SHA256
• RSA_PSK_CHACHA20_POLY1305_SHA256
• AES128_GCM_SHA256
• AES256_GCM_SHA384
• CHACHA20_POLY1305_SHA256
• AES128_CCM_SHA256
• AES128_CCM8_SHA256

Data Type

String

TLSClientAuth Property (OAuthClient Component)

Enables or disables certificate-based client authentication.

Syntax

__property TsbxOAuthClientTLSClientAuths TLSClientAuth = { read=FTLSClientAuth, write=FSetTLSClientAuth };

enum TsbxOAuthClientTLSClientAuths {
  ccatNoAuth=0,
  ccatRequestCert=1,
  ccatRequireCert=2
};

Default Value

ccatNoAuth

Remarks

Enables or disables certificate-based client authentication.

Set this property to true to tune up the client authentication type:

Data Type

Integer

TLSECCurves Property (OAuthClient Component)

Defines the elliptic curves to enable.

Syntax

__property String TLSECCurves = { read=FTLSECCurves, write=FSetTLSECCurves };

Default Value

""

Remarks

Defines the elliptic curves to enable.

Data Type

String

TLSExtensions Property (OAuthClient Component)

Provides access to TLS extensions.

Syntax

__property String TLSExtensions = { read=FTLSExtensions, write=FSetTLSExtensions };

Default Value

""

Remarks

Provides access to TLS extensions.

Data Type

String

TLSForceResumeIfDestinationChanges Property (OAuthClient Component)

Whether to force TLS session resumption when the destination address changes.

Syntax

__property bool TLSForceResumeIfDestinationChanges = { read=FTLSForceResumeIfDestinationChanges, write=FSetTLSForceResumeIfDestinationChanges };

Default Value

false

Remarks

Whether to force TLS session resumption when the destination address changes.

Data Type

Boolean

TLSPreSharedIdentity Property (OAuthClient Component)

Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.

Syntax

__property String TLSPreSharedIdentity = { read=FTLSPreSharedIdentity, write=FSetTLSPreSharedIdentity };

Default Value

""

Remarks

Defines the identity used when the PSK (Pre-Shared Key) key-exchange mechanism is negotiated.

This property is not available at design time.

Data Type

String

TLSPreSharedKey Property (OAuthClient Component)

Contains the pre-shared key for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16.

Syntax

__property String TLSPreSharedKey = { read=FTLSPreSharedKey, write=FSetTLSPreSharedKey };

Default Value

""

Remarks

Contains the pre-shared key for the PSK (Pre-Shared Key) key-exchange mechanism, encoded with base16.

This property is not available at design time.

Data Type

String

TLSPreSharedKeyCiphersuite Property (OAuthClient Component)

Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation.

Syntax

__property String TLSPreSharedKeyCiphersuite = { read=FTLSPreSharedKeyCiphersuite, write=FSetTLSPreSharedKeyCiphersuite };

Default Value

""

Remarks

Defines the ciphersuite used for PSK (Pre-Shared Key) negotiation.

Data Type

String

TLSRenegotiationAttackPreventionMode Property (OAuthClient Component)

Selects the renegotiation attack prevention mechanism.

Syntax

__property TsbxOAuthClientTLSRenegotiationAttackPreventionModes TLSRenegotiationAttackPreventionMode = { read=FTLSRenegotiationAttackPreventionMode, write=FSetTLSRenegotiationAttackPreventionMode };

enum TsbxOAuthClientTLSRenegotiationAttackPreventionModes {
  crapmCompatible=0,
  crapmStrict=1,
  crapmAuto=2
};

Default Value

crapmAuto

Remarks

Selects the renegotiation attack prevention mechanism.

The following options are available:

Data Type

Integer

TLSRevocationCheck Property (OAuthClient Component)

Specifies the kind(s) of revocation check to perform.

Syntax

__property TsbxOAuthClientTLSRevocationChecks TLSRevocationCheck = { read=FTLSRevocationCheck, write=FSetTLSRevocationCheck };

enum TsbxOAuthClientTLSRevocationChecks {
  crcNone=0,
  crcAuto=1,
  crcAllCRL=2,
  crcAllOCSP=3,
  crcAllCRLAndOCSP=4,
  crcAnyCRL=5,
  crcAnyOCSP=6,
  crcAnyCRLOrOCSP=7,
  crcAnyOCSPOrCRL=8
};

Default Value

crcAuto

Remarks

Specifies the kind(s) of revocation check to perform.

Revocation checking is necessary to ensure the integrity of the chain and obtain up-to-date certificate validity and trustworthiness information.

This setting controls the way the revocation checks are performed for every certificate in the chain. Typically certificates come with two types of revocation information sources: CRL (certificate revocation lists) and OCSP responders. CRLs are static objects periodically published by the CA at some online location. OCSP responders are active online services maintained by the CA that can provide up-to-date information on certificate statuses in near real time.

There are some conceptual differences between the two. CRLs are normally larger in size. Their use involves some latency because there is normally some delay between the time when a certificate was revoked and the time the subsequent CRL mentioning that is published. The benefits of CRL is that the same object can provide statuses for all certificates issued by a particular CA, and that the whole technology is much simpler than OCSP (and thus is supported by more CAs).

This setting lets you adjust the validation course by including or excluding certain types of revocation sources from the validation process. The crcAnyOCSPOrCRL setting (give preference to the faster OCSP route and only demand one source to succeed) is a good choice for most typical validation environments. The "crcAll*" modes are much stricter, and may be used in scenarios where bulletproof validity information is essential.

Note: If no CRL or OCSP endpoints are provided by the CA, the revocation check will be considered successful. This is because the CA chose not to supply revocation information for its certificates, meaning they are considered irrevocable.

Note: Within each of the above settings, if any retrieved CRL or OCSP response indicates that the certificate has been revoked, the revocation check fails.

This property is not available at design time.

Data Type

Integer

TLSSSLOptions Property (OAuthClient Component)

Various SSL (TLS) protocol options, set of cssloExpectShutdownMessage 0x001 Wait for the close-notify message when shutting down the connection cssloOpenSSLDTLSWorkaround 0x002 (DEPRECATED) Use a DTLS version workaround when talking to very old OpenSSL versions cssloDisableKexLengthAlignment 0x004 Do not align the client-side PMS by the RSA modulus size.

Syntax

__property int TLSSSLOptions = { read=FTLSSSLOptions, write=FSetTLSSSLOptions };

Default Value

16

Remarks

Various SSL (TLS) protocol options, set of

Data Type

Integer

TLSTLSMode Property (OAuthClient Component)

Specifies the TLS mode to use.

Syntax

__property TsbxOAuthClientTLSTLSModes TLSTLSMode = { read=FTLSTLSMode, write=FSetTLSTLSMode };

enum TsbxOAuthClientTLSTLSModes {
  smDefault=0,
  smNoTLS=1,
  smExplicitTLS=2,
  smImplicitTLS=3,
  smMixedTLS=4
};

Default Value

smDefault

Remarks

Specifies the TLS mode to use.

Data Type

Integer

TLSUseExtendedMasterSecret Property (OAuthClient Component)

Enables the Extended Master Secret Extension, as defined in RFC 7627.

Syntax

__property bool TLSUseExtendedMasterSecret = { read=FTLSUseExtendedMasterSecret, write=FSetTLSUseExtendedMasterSecret };

Default Value

false

Remarks

Enables the Extended Master Secret Extension, as defined in RFC 7627.

Data Type

Boolean

TLSUseSessionResumption Property (OAuthClient Component)

Enables or disables the TLS session resumption capability.

Syntax

__property bool TLSUseSessionResumption = { read=FTLSUseSessionResumption, write=FSetTLSUseSessionResumption };

Default Value

false

Remarks

Enables or disables the TLS session resumption capability.

Data Type

Boolean

TLSVersions Property (OAuthClient Component)

The SSL/TLS versions to enable by default.

Syntax

__property int TLSVersions = { read=FTLSVersions, write=FSetTLSVersions };

Default Value

16

Remarks

The SSL/TLS versions to enable by default.

Data Type

Integer

TokenType Property (OAuthClient Component)

Returns the access token type.

Syntax

__property String TokenType = { read=FTokenType };

Default Value

""

Remarks

The access token type provides a client with the information on how to use the AccessToken. The understanding of token type is the client's responsibility. Some token types are described, for instance, in RFC 6750 and OAuth-HTTP-MAC specifications.

This property is read-only and not available at design time.

Data Type

String

TokenURL Property (OAuthClient Component)

Specifies the URL of the token endpoint.

Syntax

__property String TokenURL = { read=FTokenURL, write=FSetTokenURL };

Default Value

""

Remarks

The token endpoint is used by the client, which needs access to protected resource, to obtain access token from the authorization server.

Data Type

String

TrustedCertCount Property (OAuthClient Component)

The number of records in the TrustedCert arrays.

Syntax

__property int TrustedCertCount = { read=FTrustedCertCount, write=FSetTrustedCertCount };

Default Value

0

Remarks

This property controls the size of the following arrays:

• TrustedCertBytes
• TrustedCertHandle

The array indices start at 0 and end at TrustedCertCount - 1.

This property is not available at design time.

Data Type

Integer

TrustedCertBytes Property (OAuthClient Component)

Returns the raw certificate data in DER format.

Syntax

__property DynamicArray TrustedCertBytes[int TrustedCertIndex] = { read=FTrustedCertBytes };

Remarks

Returns the raw certificate data in DER format.

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is read-only and not available at design time.

Data Type

Byte Array

TrustedCertHandle Property (OAuthClient Component)

Allows to get or set a 'handle', a unique identifier of the underlying property object.

Syntax

__property __int64 TrustedCertHandle[int TrustedCertIndex] = { read=FTrustedCertHandle, write=FSetTrustedCertHandle };

Default Value

0

Remarks

Allows to get or set a 'handle', a unique identifier of the underlying property object. Use this property to assign objects of the same type in a quicker manner, without copying them fieldwise.

When you pass a handle of one object to another, the source object is copied to the destination rather than assigned. It is safe to get rid of the original object after such operation. pdfSigner.setSigningCertHandle(certMgr.getCertHandle());

The TrustedCertIndex parameter specifies the index of the item in the array. The size of the array is controlled by the TrustedCertCount property.

This property is not available at design time.

Data Type

Long64

Username Property (OAuthClient Component)

The connecting user's username (login name).

Syntax

__property String Username = { read=FUsername, write=FSetUsername };

Default Value

""

Remarks

Assign the user's login name to this property. Use Password to provide the password. The Username and Password properties are used only when GrantType is oauthPasswordCredentials.

Data Type

String

Authorize Method (OAuthClient Component)

Performs user authorization and gets an access token.

Syntax

bool __fastcall Authorize();

Remarks

Call this method to perform user authorization and get an access token. When the user completes authorization and its data is sent to the server, OAuthClient will fire the Wait event periodically, to show how much waiting time is left. Upon successful authorization, the AccessToken and ExpiresAt properties are filled.

Returns true if the authorization was granted, and false otherwise.

CompleteAuthorization Method (OAuthClient Component)

Completes the authorization routine.

Syntax

void __fastcall CompleteAuthorization(String RedirectedData);

Remarks

Call this method to complete the OAuth authorization process started earlier. Provide the data received from the OAuth server via the RedirectedData parameter.

Config Method (OAuthClient Component)

Sets or retrieves a configuration setting.

Syntax

String __fastcall Config(String ConfigurationString);

Remarks

Config is a generic method available in every component. It is used to set and retrieve configuration settings for the component.

These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

To set a configuration setting named PROPERTY, you must call Config("PROPERTY=VALUE"), where VALUE is the value of the setting expressed as a string. For boolean values, use the strings "True", "False", "0", "1", "Yes", or "No" (case does not matter).

To read (query) the value of a configuration setting, you must call Config("PROPERTY"). The value will be returned as a string.

DoAction Method (OAuthClient Component)

Performs an additional action.

Syntax

String __fastcall DoAction(String ActionID, String ActionParams);

Remarks

DoAction is a generic method available in every component. It is used to perform an additional action introduced after the product major release. The list of actions is not fixed, and may be flexibly extended over time.

The unique identifier (case insensitive) of the action is provided in the ActionID parameter.

ActionParams contains the value of a single parameter, or a list of multiple parameters for the action in the form of PARAM1=VALUE1;PARAM2=VALUE2;....

Reset Method (OAuthClient Component)

Resets the component settings.

Syntax

void __fastcall Reset();

Remarks

Reset is a generic method available in every component.

StartAuthorization Method (OAuthClient Component)

Initiates OAuth authorization protocol.

Syntax

String __fastcall StartAuthorization();

Remarks

Call this method to initiate the OAuth authorization protocol. Set up the properties of the component as required before calling this method.

Error Event (OAuthClient Component)

Provides information about errors during authorization operations.

Syntax

typedef struct {
  int ErrorCode;
  String Description;
} TsbxOAuthClientErrorEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientErrorEvent)(System::TObject* Sender, TsbxOAuthClientErrorEventParams *e);
__property TsbxOAuthClientErrorEvent OnError = { read=FOnError, write=FOnError };

Remarks

This event is fired in case of exceptional conditions occured during authorization operations.

ErrorCode contains an error code and Description contains a textual description of the error.

ExternalSign Event (OAuthClient Component)

Handles remote or external signing initiated by the SignExternal method or other source.

Syntax

typedef struct {
  String OperationId;
  String HashAlgorithm;
  String Pars;
  String Data;
  String SignedData;
} TsbxOAuthClientExternalSignEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientExternalSignEvent)(System::TObject* Sender, TsbxOAuthClientExternalSignEventParams *e);
__property TsbxOAuthClientExternalSignEvent OnExternalSign = { read=FOnExternalSign, write=FOnExternalSign };

Remarks

Assign a handler to this event if you need to delegate a low-level signing operation to an external, remote, or custom signing engine. Depending on the settings, the handler will receive a hashed or unhashed value to be signed.

The event handler must pass the value of Data to the signer, obtain the signature, and pass it back to the component via the SignedData parameter.

OperationId provides a comment about the operation and its origin. It depends on the exact component being used, and may be empty. HashAlgorithm specifies the hash algorithm being used for the operation, and Pars contains algorithm-dependent parameters.

The component uses base16 (hex) encoding for the Data, SignedData, and Pars parameters. If your signing engine uses a different input and output encoding, you may need to decode and/or encode the data before and/or after the signing.

A sample MD5 hash encoded in base16: a0dee2a0382afbb09120ffa7ccd8a152 - lower case base16 A0DEE2A0382AFBB09120FFA7CCD8A152 - upper case base16

A sample event handler that uses the .NET RSACryptoServiceProvider class may look like the following: signer.OnExternalSign += (s, e) => { var cert = new X509Certificate2("cert.pfx", "", X509KeyStorageFlags.Exportable); var key = (RSACryptoServiceProvider)cert.PrivateKey; var dataToSign = e.Data.FromBase16String(); var signedData = key.SignHash(dataToSign, "2.16.840.1.101.3.4.2.1"); e.SignedData = signedData.ToBase16String(); };

LaunchBrowser Event (OAuthClient Component)

Fires to show the login page to the end-user.

Syntax

typedef struct {
  String URL;
  bool Handled;
} TsbxOAuthClientLaunchBrowserEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientLaunchBrowserEvent)(System::TObject* Sender, TsbxOAuthClientLaunchBrowserEventParams *e);
__property TsbxOAuthClientLaunchBrowserEvent OnLaunchBrowser = { read=FOnLaunchBrowser, write=FOnLaunchBrowser };

Remarks

Subscribe to this event to respond to requests from the component to open the URL in the browser. Set Handled to true to report that the URL has been opened in the browser.

Notification Event (OAuthClient Component)

This event notifies the application about an underlying control flow event.

Syntax

typedef struct {
  String EventID;
  String EventParam;
} TsbxOAuthClientNotificationEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientNotificationEvent)(System::TObject* Sender, TsbxOAuthClientNotificationEventParams *e);
__property TsbxOAuthClientNotificationEvent OnNotification = { read=FOnNotification, write=FOnNotification };

Remarks

The component fires this event to let the application know about some event, occurrence, or milestone in the component. For example, it may fire to report completion of the document processing. The list of events being reported is not fixed, and may be flexibly extended over time.

The unique identifier of the event is provided in the EventID parameter. EventParam contains any parameters accompanying the occurrence. Depending on the type of the component, the exact action it is performing, or the document being processed, one or both may be omitted.

This component can fire this event with the following EventID values:

TLSCertNeeded Event (OAuthClient Component)

Fires when a remote TLS party requests a client certificate.

Syntax

typedef struct {
  String Host;
  String CANames;
} TsbxOAuthClientTLSCertNeededEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSCertNeededEvent)(System::TObject* Sender, TsbxOAuthClientTLSCertNeededEventParams *e);
__property TsbxOAuthClientTLSCertNeededEvent OnTLSCertNeeded = { read=FOnTLSCertNeeded, write=FOnTLSCertNeeded };

Remarks

This event fires to notify the implementation that a remote TLS server has requested a client certificate. The Host parameter identifies the host that makes a request, and the CANames parameter (optional, according to the TLS spec) advises on the accepted issuing CAs.

Use the TLSClientChain property in response to this event to provide the requested certificate. Please make sure the client certificate includes the associated private key. Note that you may set the certificates before the connection without waiting for this event to fire.

This event is preceded by the TLSHandshake event for the given host and, if the certificate was accepted, succeeded by the TLSEstablished event.

TLSCertValidate Event (OAuthClient Component)

This event is fired upon receipt of the TLS server's certificate, allowing the user to control its acceptance.

Syntax

typedef struct {
  String ServerHost;
  String ServerIP;
  bool Accept;
} TsbxOAuthClientTLSCertValidateEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSCertValidateEvent)(System::TObject* Sender, TsbxOAuthClientTLSCertValidateEventParams *e);
__property TsbxOAuthClientTLSCertValidateEvent OnTLSCertValidate = { read=FOnTLSCertValidate, write=FOnTLSCertValidate };

Remarks

This event is fired during a TLS handshake. Use the TLSServerChain property to access the certificate chain. In general, components may contact a number of TLS endpoints during their work, depending on their configuration.

Accept is assigned in accordance with the outcome of the internal validation check performed by the component, and can be adjusted if needed.

TLSEstablished Event (OAuthClient Component)

Fires when a TLS handshake with Host successfully completes.

Syntax

typedef struct {
  String Host;
  String Version;
  String Ciphersuite;
  DynamicArray ConnectionId;
  bool Abort;
} TsbxOAuthClientTLSEstablishedEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSEstablishedEvent)(System::TObject* Sender, TsbxOAuthClientTLSEstablishedEventParams *e);
__property TsbxOAuthClientTLSEstablishedEvent OnTLSEstablished = { read=FOnTLSEstablished, write=FOnTLSEstablished };

Remarks

The component uses this event to notify the application about a successful completion of a TLS handshake.

The Version, Ciphersuite, and ConnectionId parameters indicate the security parameters of the new connection. Use the Abort parameter if you need to terminate the connection at this stage.

TLSHandshake Event (OAuthClient Component)

Fires when a new TLS handshake is initiated, before the handshake commences.

Syntax

typedef struct {
  String Host;
  bool Abort;
} TsbxOAuthClientTLSHandshakeEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSHandshakeEvent)(System::TObject* Sender, TsbxOAuthClientTLSHandshakeEventParams *e);
__property TsbxOAuthClientTLSHandshakeEvent OnTLSHandshake = { read=FOnTLSHandshake, write=FOnTLSHandshake };

Remarks

The component uses this event to notify the application about the start of a new TLS handshake to Host. If the handshake is successful, this event will be followed by the TLSEstablished event. If the server chooses to request a client certificate, the TLSCertNeeded event will also be fired.

TLSPSK Event (OAuthClient Component)

Notifies the application about the PSK key exchange.

Syntax

typedef struct {
  String Host;
  String Hint;
} TsbxOAuthClientTLSPSKEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSPSKEvent)(System::TObject* Sender, TsbxOAuthClientTLSPSKEventParams *e);
__property TsbxOAuthClientTLSPSKEvent OnTLSPSK = { read=FOnTLSPSK, write=FOnTLSPSK };

Remarks

The component fires this event to notify the application about the beginning of TLS-PSK key exchange with Host. The Hint parameter may be used by the server to identify the key or service to use. Use the PreSharedKey field of TLSSettings to provide the pre-shared key to the component.

TLSShutdown Event (OAuthClient Component)

Reports the graceful closure of a TLS connection.

Syntax

typedef struct {
  String Host;
} TsbxOAuthClientTLSShutdownEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientTLSShutdownEvent)(System::TObject* Sender, TsbxOAuthClientTLSShutdownEventParams *e);
__property TsbxOAuthClientTLSShutdownEvent OnTLSShutdown = { read=FOnTLSShutdown, write=FOnTLSShutdown };

Remarks

This event notifies the application about the closure of an earlier established TLS connection. Note that only graceful connection closures are reported.

Wait Event (OAuthClient Component)

Fired periodically to show how much waiting time is left.

Syntax

typedef struct {
  int TimeLeft;
  bool Stop;
} TsbxOAuthClientWaitEventParams;
typedef void __fastcall (__closure *TsbxOAuthClientWaitEvent)(System::TObject* Sender, TsbxOAuthClientWaitEventParams *e);
__property TsbxOAuthClientWaitEvent OnWait = { read=FOnWait, write=FOnWait };

Remarks

This event is fired after authorization is started, to show how much time is left to wait for server's response. Waiting can be cancelled by setting the Stop parameter to true, which will result in authorization failure.

Config Settings (OAuthClient Component)

The component accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the component, access to these internal properties is provided through the Config method.

OAuthClient Config Settings

Base Config Settings

Trappable Errors (OAuthClient Component)