Discuss this help topic in SecureBlackbox Forum

HTTPS: Setup OAuth2 authentication

(SecureBlackbox 15 and later)

In SecureBlackbox 15 and later TElHTTPSClient uses the ready-to-use authentication token, which you can obtain using TElSimpleOAuth2Client component. The token should be placed to TElHTTPSClient.RequestParameters.Password property before you make a request with TElHTTPSClient.

Below you will find the commented code, which shows, how to request information about the user on Google server.

It is reasonable to use two separate instances of TElHTTPSClient class - one instance would be used for authentication and requesting the access token, and another instance would be used to request the information, that needs authentication.


// create and set up an http transport to be used to talk to an authorization server
TElHTTPSClient oauthTransport = new TElHTTPSClient();
// assign an event handler to validate SSL certificate(s)
oauthTransport.OnCertificateValidate += ...;

// create a OAuth 2.0 client
TElSimpleOAuth2Client oauth = new TElSimpleOAuth2Client();
// assign the created HTTPS transport
oauth.HTTPClient = oauthTransport;
// set the local URL to be used during authorization;
// the specified port must be free and the program
// has to be allowed to open a listening socket on that port
oauth.RedirectURL = @"http://localhost:5050/";
// the event is fired when it's needed to open the web page
// to login in a browser; here the event handler just starts
// the default web browser and opens the passed URL in it
oauth.OnLaunchBrowser += delegate (object Sender, string URL)
// authorization server URLs
oauth.AuthURL = @"https://accounts.google.com/o/oauth2/auth";
oauth.TokenURL = @"https://accounts.google.com/o/oauth2/token";

// copy the client id and the client secret of your app
// registered in Google Developers Console
oauth.ClientID = @"your_client_id";
oauth.ClientSecret = @"your_client_secret";
// tell the authorization server what access is needed
oauth.Scope = @"https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile";

// restore a refresh token from the previous session;
// this allows to not ask the user to login in the browser each time
oauth.RefreshToken = @"refresh_token_string";

// Actually perform the authorization.
// Instead of calling the Authorize() method manually, it is possible to turn on
// the oauth.AutoRefresh property,
// and authorization will be performed automatically on getting the AccessToken
// property value.
// Also the OAuth client will check access token expiration and will refresh it
// when it has expired
if (!oauth.Authorize())
   return;    // the user has cancelled authorization

// it's a good idea to save the refresh token for future use
Console.WriteLine("RefreshToken: " + oauth.RefreshToken);

// create a HTTPS client to access restricted information
TElHTTPSClient httpClient = new TElHTTPSClient();
// assign an event handler to validate SSL certificate(s)
httpClient.OnCertificateValidate += ...;

// configure the client to use OAuth 2.0 authorization
httpClient.RequestParameters.Password = oauth.AccessToken;
httpClient.UseOAuth2 = true;

// actually request restricted information
Console.WriteLine("Status: {0}", httpClient.ServerStatusCode);

How To articles about client-side HTTPS questions

Discuss this help topic in SecureBlackbox Forum