OAuth Provider Definition
Description
The oAuth Provider Definition is a JSON configuration file with a .json extension that is stored in an oAuthProviders folder in the WebProject. The system oAuth Providers are stored in the oAuthProviders folder under the EXE path.
oAuth 2.0 definitions
Google is a good example of an oAuth 2.0 endpoint. The JSON profile information example below shows the settings.
{
    "profile": {
        "host": "accounts.google.com/o",
        "authorize_path": "/oauth2/v2/auth",
        "token_path": "/oauth/access_token",
        "resource_host": "www.googleapis.com",
        "oauth_version": "2.0",
        "oauth2_bearer": "{AccessToken}",
        "oauth2_scope": "profile email",
        "TokenTimeoutCodepattern": "AddSecondsToNow",
        "SuccessVariable": "code",
        "TokenExpiresVariable": "expires_in",
        "ProfileIdVariable": "id",
        "getProfileInfo": "/oauth2/v1/userinfo",
        "accessFromRefreshTokenUrl": "https://www.googleapis.com/oauth2/v4/token",
        "TemplateDisplayName": "{name}",
        "ProcessCodePattern": "oAuth 2.0 - Generic",
        "UIWindowWidth": "500:100",
        "UIWindowHeight": "550:40"
    }
}
OAuth 2.0 Properties Used To Define an OAuth Provider
- Name
- Property and Description
- OAuth Version
Property: oauth_version. Specifies oAuth version - 2.0
URLS
Full or partial URLs used to get data from the provider.
- Name
- Property and Description
- Host
Property: host. URL host for oAuth 2.0 service
- Resource Host
Property: resource_host. Host for resources.
- Authorize path
Property: authorize_path. Endpoint to log in to the account.
- Token Path
Property: token_path. Endpoint to exchange code for access token.
- Get Profile Info
Property: getProfileInfo. Endpoint to retrieve Profile Information (if using the provider for external login).
- Access Token From Refresh
Property: AccessFromRefreshTokenURL. Optional, The path request used to exchange a valid refresh token for an access token
- Get Profile Method
Property: getProfileMethod. Optional, HTTP request method used with the 'Get profile info' URL: either GET or POST
- Enable Proof
Property: enable_proof. Optional, Send optional security method
Options
Optional properties to get desired data
- Name
- Property and Description
- Base Scopes
Property: oauth2_scope. Scopes required for login information (if using the provider for external login).
- Bearer Token
Property: oauth2_bearer. Template for filling in Access token from result.
Data and Data Processing
Variables returned by provider that contain data and data process info.
- Name
- Property and Description
- Variable returned on success
Property: SuccessVariable. Name of variable returned from provider after validation
- Variable returned on a fail or cancel
Property: ErrorVariable. Optional, Variable returned on failed or cancelled request
- Variable returned with user identifier
Property: ProfileIdVariable. Field returned by the getProfileInfo endpoint that identifies the user for external login.
- Variable that has URL to get user profile
Property: ProfileURLVariable. Optional, Variable that contains URL to get user profile identifier (replaces getProfileInfo)
- Variable used for token expiration value
Property: TokenExpiresVariable. Optional, Variable that contains access token timeout data
- Token timeout code pattern
Property: TokenTimeoutCodepattern. Used to calculate when token expires.
- Variable used for token issued time
Property: TokenIssuedVariable. Optional, Some timeouts are calculated from an issued time
- Token lifetime in seconds
Property: TokenTimeout. Optional, Seconds to expire after issued time
- Process code pattern
Property: ProcessCodePattern. Optional, OAuth version specific process pattern
- Template for display name
Property: TemplateDisplayName. Optional, Template with placeholders to use to define a user display name
- Template for email
Property: TemplateEmail. Optional, Template with placeholders to define the user email address
UI Configuration
Configure web and desktop windows for user input.
- Name
- Property and Description
- Web Pop up window height
Property: PopUIWindowHeight. Optional, Web ONLY. Height of popup window to show provider login
- Web Pop up window width
Property: PopUIWindowWidth. Optional, Web ONLY. Width of popup window to show provider login
- Desktop window height
Property: XDUIWindowHeight. Optional, Desktop ONLY. Height of xDialog form to show provider login
- Desktop window width
Property: XDUIWindowWidth. Optional, Desktop ONLY. Width of xDialog form to show provider login.
- Text for client id
Property: UIClientIdText. Optional, Desktop ONLY. Label text to show on xDialog forms for "client id"
- Text for client secret
Property: UIClientSecretText. Optional, Desktop ONLY. Label text to show on xDialog forms for "client secret"
OAuth 1.0 Properties
OAuth 1.0 Properties are slightly different because oAuth 1.0 has more endpoints, and requires a hash method and protocol (http/https) to be specified.
- Property
- Description
- oauth_version
oAuth Version - 1.0
- host
hostname for oAuth 1.0 service.
- use_ssl
Does the service use SSL (oAuth 1.0 allows for http since all requests against APIs are signed).
- authorize_path
Get a request token - this is the first call, done to establish a secret for the request.
- authenticate_path
Login endpoint - prompts the user for access.
- access_token_path
Endpoint to exchange code returned from login for access token.
- oauth_signature_method
Method used to sign keys - i.e. HMAC-SHA1.
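A provider definition can be reviewed against the OAuth 2.0 property tables and the OAuth 1.0 list above before it is deployed. The following is an added example, not code from the product: it treats every property the page does not mark "Optional" as expected, and it assumes that property names are compared case-insensitively and that use_ssl is a JSON boolean or a "true"/"false" string. The host and paths in the sample are constructed.

```python
import json

# Properties the page does not mark "Optional", per oauth_version.
REQUIRED = {
    "2.0": ["host", "resource_host", "authorize_path", "token_path",
            "getProfileInfo", "oauth2_scope", "oauth2_bearer",
            "SuccessVariable", "ProfileIdVariable", "TokenTimeoutCodepattern"],
    "1.0": ["host", "use_ssl", "authorize_path", "authenticate_path",
            "access_token_path", "oauth_signature_method"],
}
# Properties the page marks "Optional" in the OAuth 2.0 tables.
OPTIONAL = ("AccessFromRefreshTokenURL getProfileMethod enable_proof ErrorVariable "
            "ProfileURLVariable TokenExpiresVariable TokenIssuedVariable TokenTimeout "
            "ProcessCodePattern TemplateDisplayName TemplateEmail PopUIWindowHeight "
            "PopUIWindowWidth XDUIWindowHeight XDUIWindowWidth UIClientIdText "
            "UIClientSecretText").split()

def lint_provider(text):
    """Return review findings for one provider definition given as JSON text."""
    profile = json.loads(text).get("profile", {})
    # Assumption: property names are compared case-insensitively.
    present = {k.lower(): v for k, v in profile.items()}
    version = str(present.get("oauth_version", ""))
    if version not in REQUIRED:
        return ["oauth_version must be 1.0 or 2.0, got %r" % version]
    known = {p.lower() for p in REQUIRED[version] + OPTIONAL} | {"oauth_version"}
    findings = ["missing: " + p for p in REQUIRED[version] if p.lower() not in present]
    findings += ["undocumented: " + k for k in profile if k.lower() not in known]
    # A full URL given as http:// would carry codes and tokens in clear text.
    findings += ["cleartext URL: " + k for k, v in profile.items()
                 if isinstance(v, str) and v.lower().startswith("http://")]
    # Assumption: use_ssl is a JSON boolean or a "true"/"false" string.
    if version == "1.0" and str(present.get("use_ssl", "")).lower() != "true":
        findings.append("use_ssl is off: requests are signed but not encrypted")
    return findings

# Constructed OAuth 1.0 definition (hypothetical host and paths).
SAMPLE_V1 = """{"profile": {"oauth_version": "1.0", "host": "api.example.test",
  "use_ssl": false, "authorize_path": "/oauth/request_token",
  "authenticate_path": "/oauth/authenticate",
  "oauth_signature_method": "HMAC-SHA1"}}"""

if __name__ == "__main__":
    for finding in lint_provider(SAMPLE_V1):
        print(finding)
```

Run against the Google example at the top of this page, the same function reports UIWindowWidth and UIWindowHeight as undocumented, because the UI Configuration table lists only the PopUI and XDUI variants.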