Discuss this help topic in SecureBlackbox Forum

OAuth: Use of OAuth client when refresh token is available

If you have a refresh token, there's no need to ask the user for authorization on each application start. Instead you can use the saved refresh token to obtain new access token. To do this you need to

  1. Create an instance of TElHTTPSClient class, which will be used as a transport:

    C#:

    
    // create and setup the http transport to be used to talk to
    // the authorization server
    TElHTTPSClient oauthTransport = new TElHTTPSClient();
    
    // assign an event handler to validate SSL certificate(s)
    oauthTransport.OnCertificateValidate += ...;
    

  2. Create an instance of TElSimpleOAuth2Client class and set all needed parameters using AuthURL, ClientID, ClientSecret, RedirectURL, Scope, TokenURL properties:

    C#:

    
    // create a OAuth 2.0 client
    TElSimpleOAuth2Client oauth = new TElSimpleOAuth2Client();
    
    // assign the created HTTPS transport
    oauth.HTTPClient = https;
    
    // set the local URL to be used during authorization;
    // the specified port must be free and the application
    // has to be allowed to open a listening socket on that port
    oauth.RedirectURL = @"http://localhost:5050/";
    
    // authorization server URLs
    oauth.AuthURL = @"https://accounts.google.com/o/oauth2/auth";
    oauth.TokenURL = @"https://accounts.google.com/o/oauth2/token";
    
    // copy the client id and the client secret of your app
    // registered in Google Developers Console
    oauth.ClientID = @"your_client_id";
    oauth.ClientSecret = @"your_client_secret";
    
    // tell the authorization server what access is needed
    oauth.Scope = @"https://www.googleapis.com/auth/userinfo.email
                    https://www.googleapis.com/auth/userinfo.profile";
    

  3. Call Authorize() or StartAuthorization() method depending on whether you use an external or embedded browser.
    • Authorize() method will try to automatically obtain new access token. If it succeeds, it will return true. If the token can not be obtained, then full authentication is performed as described here.
    • StartAuthorization() also tries to obtain new access token. If it succeeds, it returns the empty string, otherwise the URL of the authorization page will be returned, and the application needs to show that page to the user. This corresponds to the behavior described here.
  4. After successful retrieval of the access token you need to save the value of RefreshToken property.

How To articles about client-side OAuth questions

Discuss this help topic in SecureBlackbox Forum