TsgcHTTP_OAuth2_Client › Events › OnAfterAccessToken
Fires when the token endpoint returns a successful access-token response.
property OnAfterAccessToken: TsgcOnAuth2AfterAccessToken;
// TsgcOnAuth2AfterAccessToken = procedure(Sender: TObject; const Access_Token, Token_Type, Expires_In, Refresh_Token, Scope, RawParams: String; var Handled: Boolean) of object—
OnAfterAccessToken is raised when the authorization server replies with a 200 OK JSON body containing the tokens. Access_Token is the bearer token used to call the protected resource, Token_Type is normally 'Bearer' but can be 'DPoP' when DPoP proofing is enabled, Expires_In is the lifetime in seconds, Refresh_Token (optional) is used by OnBeforeRefreshToken to renew the access token without user interaction, Scope reports the granted scopes, and RawParams contains the full raw JSON body for provider-specific fields (id_token, resource, etc.). After this event the component exposes the same values through the AccessToken, TokenType, CurrentExpiresIn and CurrentRefreshToken read-only properties.
procedure OnOAuth2AfterAccessToken(Sender: TObject; const Access_Token, Token_Type, Expires_In,
Refresh_Token, Scope, RawParams: string; var Handled: Boolean);
begin
DoLog('AfterAccessToken: ' + Access_Token + ' expires in ' + Expires_In + ' seconds');
// persist the refresh token for later reuse
SaveRefreshToken(Refresh_Token);
end;