eSeGeCe
software
Hi,
when running an OAuth2-Server: How is it possible to save and load the issued refresh and access-tokens so the users can authenticate after restarting my server application?
Thanks for your response.
BR
Christian
when running an OAuth2-Server: How is it possible to save and load the issued refresh and access-tokens so the users can authenticate after restarting my server application?
Thanks for your response.
BR
Christian
Hello,
I've added a new method called AddToken, where you can reload the issued access tokens. This feature will be available on next sgcWebsockets release.
You can read more about this new feature from the following link:
https://www.esegece.com/help/sgcWebSockets/#t=Components%2FHTTP%2FAuthorization%2FOAuth2%2Fserver%2FQuickStart%2FOAuth2_Recover_Access_Tokens.htm
Thanks for the feedback.
Kind Regards,
Sergio
I've added a new method called AddToken, where you can reload the issued access tokens. This feature will be available on next sgcWebsockets release.
You can read more about this new feature from the following link:
https://www.esegece.com/help/sgcWebSockets/#t=Components%2FHTTP%2FAuthorization%2FOAuth2%2Fserver%2FQuickStart%2FOAuth2_Recover_Access_Tokens.htm
Thanks for the feedback.
Kind Regards,
Sergio
Hi Sergio,
thanks for your quick response. So I have to parse the REST-Response in OnAfterAccessToken, store Access-Token, Refresh-Token and Access-Token-Expiration and Add them upon re-creation of the component. This should work.
Can you estimate when the next release will be available?
Thanks.
BR
Christian
thanks for your quick response. So I have to parse the REST-Response in OnAfterAccessToken, store Access-Token, Refresh-Token and Access-Token-Expiration and Add them upon re-creation of the component. This should work.
Can you estimate when the next release will be available?
Thanks.
BR
Christian
Hello,
Yes, first save the token, I've updated the demo and now the token is stored in an INIFile (of course you can use any other method, is just for testing purposes)
And when the server starts, load the tokens saved.
Next week I will release a new sgcWebSockets version.
Kind Regards,
Sergio
Yes, first save the token, I've updated the demo and now the token is stored in an INIFile (of course you can use any other method, is just for testing purposes)
procedure TFRMOAuth2Server.OAuth2OAuth2AfterAccessToken(Sender: TObject; Connection: TsgcWSConnection; OAuth2: TsgcHTTPOAuth2Request; aResponse: string);
begin
DoLog('Access Token Issued');
// ... save token in INIFile to recover the token if server is restarted
DoSaveToken(oAuth2);
end;
procedure TFRMOAuth2Server.DoSaveToken(const aAuth2: TsgcHTTPOAuth2Request);
var
oINI: TINIFile;
begin
oINI := TINIFile.Create(ChangeFileExt(Application.ExeName, '.ini'));
Try
oINI.WriteString(aAuth2.App.AppName, 'Token', aAuth2.Token.AccessToken);
oINI.WriteString(aAuth2.App.AppName, 'RefreshToken', aAuth2.Token.RefreshToken);
oINI.WriteDateTime(aAuth2.App.AppName, 'Expires', aAuth2.Token.Expires);
Finally
oINI.Free;
End;
end;
And when the server starts, load the tokens saved.
Next week I will release a new sgcWebSockets version.
Kind Regards,
Sergio
Hello,
A new version has been released, the trial includes this fix and the Oauth2 demo has been updated.
Kind Regards,
Sergio
A new version has been released, the trial includes this fix and the Oauth2 demo has been updated.
Kind Regards,
Sergio
Hi Sergio,
I just checked the new version (4.5.0 TRIAL). Currently the OnAfterAccessToken-event is not firing anymore. This is also reproducable in the OAuth2-Server-Demo.
Anyway: I think I will license the source version today so I can dig a little bit deeper into the magic behind this.
Thanks.
BR
Christian
I just checked the new version (4.5.0 TRIAL). Currently the OnAfterAccessToken-event is not firing anymore. This is also reproducable in the OAuth2-Server-Demo.
Anyway: I think I will license the source version today so I can dig a little bit deeper into the magic behind this.
Thanks.
BR
Christian
Hi,
I've done a test using the already compiled demo and seems it's working well, the event OnAfterAccessToken is called after receiving successfully a new token
Kind Regards,
Sergio
I've done a test using the already compiled demo and seems it's working well, the event OnAfterAccessToken is called after receiving successfully a new token
Kind Regards,
Sergio
- Page :
- 1
There are no replies made for this post yet.