Discuss this help topic in SecureBlackbox Forum
HTTPS: Setup OAuth2 authentication
(SecureBlackbox 15 and later)
In SecureBlackbox 15 and later TElHTTPSClient employs a ready-to-use authentication token which you can obtain using TElSimpleOAuth2Client component. The token should be placed to TElHTTPSClient.RequestParameters.Password property before you make a request with TElHTTPSClient.
A code snippet below demonstrates how to request user information about from a Google server.
It makes sense to have two separate instances of TElHTTPSClient, one of which is used for authentication and access token request, and another one is used to request the protected information.
C#:
// create and set up an http transport to be used to talk to an authorization server
TElHTTPSClient oauthTransport = new TElHTTPSClient();
// assign an event handler to validate SSL certificate(s)
oauthTransport.OnCertificateValidate += ...;
// create OAuth 2.0 client
TElSimpleOAuth2Client oauth = new TElSimpleOAuth2Client();
// assign the created HTTPS transport
oauth.HTTPClient = oauthTransport;
// set the local URL to be used during authorization;
// the specified port must be free and the program
// has to be allowed to open a listening socket on that port
oauth.RedirectURL = @"http://localhost:5050/";
// the event is fired when it is needed to open the web page
// to login in a browser; here the event handler just starts
// the default web browser and opens the passed URL in it
oauth.OnLaunchBrowser += delegate (object Sender, string URL)
{
System.Diagnostics.Process.Start(URL);
};
// authorization server URLs
oauth.AuthURL = @"https://accounts.google.com/o/oauth2/auth";
oauth.TokenURL = @"https://accounts.google.com/o/oauth2/token";
// copy the client id and the client secret of your app
// registered in Google Developers Console
oauth.ClientID = @"your_client_id";
oauth.ClientSecret = @"your_client_secret";
// tell the authorization server what kind of access is needed
oauth.Scope = @"https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";
// restore a refresh token from the previous session;
// this allows not to ask the user to login in the browser each time
oauth.RefreshToken = @"refresh_token_string";
// Actually perform the authorization.
// Instead of calling the Authorize() method manually, it is possible to turn on
// the oauth.AutoRefresh property,
// and authorization will be performed automatically on getting the AccessToken
// property value.
// Also the OAuth client will check access token expiration and will refresh it
// when it has expired
if (!oauth.Authorize())
return; // the user has cancelled authorization
// it is a good idea to save the refresh token for future use
Console.WriteLine("RefreshToken: " + oauth.RefreshToken);
// create a HTTPS client to access restricted information
TElHTTPSClient httpClient = new TElHTTPSClient();
// assign an event handler to validate SSL certificate(s)
httpClient.OnCertificateValidate += ...;
// configure the client to use OAuth 2.0 authorization
httpClient.RequestParameters.Password = oauth.AccessToken;
httpClient.UseOAuth2 = true;
// actually request restricted information
httpClient.Get(@"https://www.googleapis.com/oauth2/v1/userinfo");
Console.WriteLine("Status: {0}", httpClient.ServerStatusCode);