TsgcHTTP_OAuth2_Server › Methods › AddToken
Pre-seeds an access/refresh token pair into the server token store for a registered application.
function AddToken(const aAppName, aToken: string; aExpires: TDateTime; const aRefreshToken: string; const aScope: string = ''): Boolean;| Name | Type | Description |
|---|---|---|
aAppName | const string | Name of the previously registered application that owns the token. Must match the aName used in RegisterApp. |
aToken | const string | The access token string that the server should accept as valid when presented by a client. |
aExpires | TDateTime | Absolute expiration timestamp of the access token. Once Now exceeds this value, the token is treated as expired. |
aRefreshToken | const string | Refresh token paired with the access token. Pass an empty string if the application does not use refresh tokens. |
aScope | const string | Optional OAuth 2.0 scope string associated with the token (space-separated list). Defaults to empty. |
Returns True when the token is added to the internal store; False if the application cannot be resolved or the entry already exists. (Boolean)
Use AddToken after registering the Apps and before accepting connections to restore tokens that were issued before the server restarted. This keeps already-connected clients from having to re-authorize after a restart. The method only updates the in-memory token table; it does not call any external endpoint nor fire OnOAuth2AfterAccessToken.
// Register the app first, then restore a previously issued token
OAuth2.RegisterApp('MyApp', 'http://127.0.0.1:8080', vClientId, vClientSecret);
OAuth2.AddToken('MyApp', 'abc123accesstoken', Now + EncodeTime(1, 0, 0, 0),
'def456refreshtoken', 'read write');