TsgcHTTP_OAuth2_Client › Properties › HTTPClientOptions

HTTPClientOptions Property

TLS and logging configuration of the internal HTTP client used to POST to the token, revocation and introspection endpoints.

Syntax

property HTTPClientOptions: TsgcHTTPClient_Options read FHTTPClientOptions write SetHTTPClientOptions;

Default Value

Default TLS options; logging disabled.

Remarks

Every call issued by the component to the authorization server — token request, refresh, revoke and introspect — is performed through a shared internal HTTP client. HTTPClientOptions configures that client:

• TLSOptions: TLS settings applied when the endpoint uses HTTPS.
  • IOHandler: iohOpenSSL (default), iohSChannel (Windows only), iohAndroidTLS or iohAppleTLS. On Android, iohAndroidTLS uses the platform native TLS (javax.net.ssl.SSLEngine) and on iOS and macOS, iohAppleTLS uses Apple native TLS, so no OpenSSL libraries need to be deployed; native platform TLS requires the Enterprise edition.
  • Version: minimum TLS version negotiated.
  • RootCertFile / CertFile / KeyFile / Password: client-certificate material.
  • VerifyCertificate / VerifyDepth: server-certificate validation.
  • ALPNProtocols: ALPN identifiers advertised during handshake.
  • OpenSSL_Options / SChannel_Options: back-end specific settings.
• LogOptions: when a filename is assigned, every HTTP request/response sent by the internal client is written to that file.

Example

oOAuth2.HTTPClientOptions.TLSOptions.Version := tls1_2;
oOAuth2.HTTPClientOptions.TLSOptions.VerifyCertificate := True;
oOAuth2.HTTPClientOptions.LogOptions.FileName := 'oauth2_client.log';
oOAuth2.HTTPClientOptions.LogOptions.Enabled := True;

Back to Properties