Website Download Support
 

Discuss this help topic in SecureBlackbox Forum

Use of OAuth client when refresh token is available

If you posess a refresh token, there is no need to ask user for authorization each time the application starts. Instead you can use the saved refresh token to obtain new access token.

  1. Create an instance of TElHTTPSClient class which will be used for transport

    C#: 

    
// create and setup the http transport to be used to talk to
// the authorization server
TElHTTPSClient oauthTransport = new TElHTTPSClient();

// assign an event handler to validate SSL certificate(s)
oauthTransport.OnCertificateValidate += ...;

  2. Create an instance of TElSimpleOAuth2Client class and set the following properties: AuthURL, ClientID, ClientSecret, RedirectURL, Scope, TokenURL.

    C#: 

    
// create a OAuth 2.0 client
TElSimpleOAuth2Client oauth = new TElSimpleOAuth2Client();

// assign the created HTTPS transport
oauth.HTTPClient = https;

// set the local URL to be used during authorization;
// the specified port must be free and the application
// has to be allowed to open a listening socket on that port
oauth.RedirectURL = @"http://localhost:5050/";

// authorization server URLs
oauth.AuthURL = @"https://accounts.google.com/o/oauth2/auth";
oauth.TokenURL = @"https://accounts.google.com/o/oauth2/token";

// copy the client id and the client secret of your app
// registered in Google Developers Console
oauth.ClientID = @"your_client_id";
oauth.ClientSecret = @"your_client_secret";

// tell the authorization server what access is needed
oauth.Scope = @"https://www.googleapis.com/auth/userinfo.email
                https://www.googleapis.com/auth/userinfo.profile";

  3. Call Authorize() or StartAuthorization() method depending on whether you use an external or an embedded browser.
    • Authorize() method will try to automatically obtain new access token. On success, it returns true. If the token can not be obtained, then a full authorization process is initiated as described in the corresponding article.
    • StartAuthorization() wil also attempt to obtain new access token automatically. On success, it returns an empty string. Otherwise, a URL of the authorization page is returned, which has to be shown to the user. Further steps are described in details in the corresponding article.
  4. When new access token has been received, remember to save the new value of the RefreshToken.

How To articles about client-side OAuth questions

Discuss this help topic in SecureBlackbox Forum

Copyright (c) 2018, /n software, inc.