TsgcHTTP_OAuth2_Server › Methods › DoProcessHTTP
Main HTTP request pipeline hook that dispatches OAuth 2.0 protocol endpoints on the server.
function DoProcessHTTP(const aConnection: TsgcWSConnection; const aHeaders: TStringList): Boolean;| Name | Type | Description |
|---|---|---|
aConnection | const TsgcWSConnection | The active HTTP connection that is serving the current request. Used to send the OAuth2 response (redirect, JSON token payload, sign-in HTML, etc.). |
aHeaders | const TStringList | Raw request headers and request line. The method inspects the method, URL and body to route the request to the Authorization, Token, Revocation, Introspection or Device endpoints. |
Returns True when the request matched an OAuth2 endpoint and was fully handled by the component; returns False when the URL does not belong to OAuth2 so the caller can continue normal HTTP processing. (Boolean)
This is the main HTTP pipeline hook of the OAuth2 server. When you attach the component to an HTTP server via Authentication.OAuth.OAuth2, requests arriving at /sgc/oauth2/auth, /sgc/oauth2/token, /sgc/oauth2/revoke, /sgc/oauth2/introspect, /sgc/oauth2/device and /sgc/oauth2/device/verify are dispatched automatically by calling this method. You only need to call DoProcessHTTP directly in advanced scenarios where you handle the HTTP pipeline yourself (for example, from an OnCommandGet handler). The OnOAuth2BeforeRequest event is raised first and can cancel processing.
// Advanced: plug OAuth2 dispatch into a custom HTTP server pipeline
procedure TMyServer.OnCommandGet(aConnection: TsgcWSConnection; aHeaders: TStringList);
begin
if OAuth2.DoProcessHTTP(aConnection, aHeaders) then Exit; // request handled
// ... your own routing for non-OAuth2 URLs
end;