Discuss this help topic in SecureBlackbox Forum

Clouds: Connect to OneDrive service and authenticate for the first time

To connect to OneDrive for the first time, it's necessary to take the following steps:

  1. Put Application ID and Application Secret (Application Secret is not needed if you use an embedded browser), obtained during registration, to TElOneDriveDataStorage.ClientID and TElOneDriveDataStorage.ClientSecret properties respectively.
    Also, if you specified a Redirect URL during registration of your application, then you need to set RedirectURL property to the value of this URL. If no Redirect URL provided, the component will use a special value.
  2. Create an instance of TElHTTPSClient, which will be used as a transport, and put a reference to the newly created instance to TElOneDriveDataStorage.HTTPClient property.
  3. Call TElOneDriveDataStorage.StartAuthorization() method and get an URL to use in the browser.
  4. For embedded browser - navigate the browser control to the URL returned by StartAuthorization() method in order to let the user login on OneDrive authorization server.
    For external browser - direct the browser to the URL returned by StartAuthorization() method.

    If you have specified Redirect URL, then after the user is authenticated, the browser will be redirected to the URL, specified as a RedirectURL during registration of your application. The server, that handles the URL, should extract the authorization code from the requested URL. The authorization code is passed in "code" parameter of the URL.
    Instead of using an external HTTP server you can use TElOAuth2RedirectReceiver component, which will do the job.

    If you have not specified Redirect URL, the browser will be redirected to a special URI "urn:ietf:wg:oauth:2.0:oob". The full URL will include the "code" parameter, whose value you need to capture. This is a so-called "authorization code". You will need it in order to complete the authorization process.
  5. After receiving the authorization code you need to call TElOneDriveDataStorage.CompleteAuthorization() method and pass the authorization code to that method. If CompleteAuthorization() method is executed without errors, you need to save the value of TElOneDriveDataStorage.RefreshToken property. The refresh token will let you avoid re-authentication in the consequent sessions.

The code below shows how to authenticate the user with help of TElOauth2RedirectReceiver component.


// create a HTTP client for transport purpose
TElHTTPSClient transport = new TElHTTPSClient();

// set SSL versions to TLS 1.x
transport.Versions = SBSSLConstants.__Global.sbTLS1 |
    SBSSLConstants.__Global.sbTLS11 | SBSSLConstants.__Global.sbTLS12;

// provide an event handler for validating SSL certificate(s)
transport.OnCertificateValidate += ...;

// actually, create a data storage object
TElOneDriveDataStorage storage = new TElOneDriveDataStorage();

// link it to the transport client
storage.HTTPClient = transport;

// setup redirect url
storage.RedirectURL = @"http://localhost:5050/";

// set client id and client secret parameters obtained in the OneDrive console
storage.ClientID = @"...";
storage.ClientSecret = @"...";

// restore the refresh token stored in the previous session;
// refresh tokens are explained in the next section
storage.RefreshToken = @"...";

// start authorization procedure
string url = storage.StartAuthorization();

// check if a manual authorization in a browser is required
// (no refresh token or expired refresh token provided)
if (!String.IsNullOrEmpty(url))
   Console.WriteLine("Authorization required");

   // create a redirect receiver to get an authorization code
   TElOAuth2RedirectReceiver receiver = new TElOAuth2RedirectReceiver();

   // activate the receiver on the specified redirect URL

   // start the default browser and ask it to open the authorization web page

   // wait until the user authorizes in the browser and
   // grants access to his/her account on the Box server
   while (!receiver.Receive())
       // for demo purpose, we just write a dot to the console and
       // freeze the thread for a half of a second; timeout is not handled

   // complete authorization using the provided code

// save the refresh token for further use
Console.WriteLine("Refresh token: {0}\n", storage.RefreshToken);

How To articles about OneDrive cloud

Discuss this help topic in SecureBlackbox Forum