Interfacing DataFlex with oAuth2 authentication is a bit complicated mainly due to 2 missing parts of the language<\/p>\n
- \n
- DataFlex is single threaded which makes it hard to wait for things while keeping the user interface from being locked up<\/li>\n
- DataFlex does not have any support for TCPIP communication which is needed to listen to a port on localhost<\/li>\n<\/ol>\n
One way to make life easier is to use the Chilkat oAuth2 component. Chilkat solves the second issue by handling all the TCPIP communication for us<\/p>\n
Registering the application<\/h1>\n
In order to use oAuth2 for any service the application has to be registered with that service in our example Google. This registration will give us a client id as well as a client secret for our application that will be used to authenticate<\/p>\n
For this example we will create 2 views. View 1 will be our view requesting authentication, view 2 will contain the browser window. You could also call the browser as a separate program.<\/p>\n
To show the two part process we will split the functions over two buttons. First button will initiate the authentication process, second button will then after successful authentication get the token.<\/p>\n
At the top of the view we will need to use the chilkat package. Of course you will need to download and install the chilkat library<\/p>\n
\/\/\r\n\/\/ use chilkat\r\nUse ChilkatAx-9.5.0-win32.pkg\r\n\r\nProcedure ChilkatGlobalUnlock\r\n Handle hoGlob\r\n Boolean iSuccess\r\n Integer iStatus\r\n String sTemp1\r\n\r\n Get Create (RefClass(cComChilkatGlobal)) to hoGlob\r\n If (not(IsComObjectCreated(hoGlob))) Begin\r\n Send CreateComObject of hoGlob\r\n End\r\n Get ComUnlockBundle of hoGlob \"Anything for 30-day trial\" to iSuccess\r\n If (iSuccess <> True) Begin\r\n Get ComLastErrorText of hoGlob to sTemp1\r\n Showln sTemp1\r\n Procedure_Return\r\n End\r\n\r\n Get ComUnlockStatus of hoGlob to iStatus\r\n If (iStatus = 2) Begin\r\n Showln \"Unlocked using purchased unlock code.\"\r\n End\r\n Else Begin\r\n Showln \"Unlocked in trial mode.\"\r\n End\r\nEnd_Procedure\r\n\r\n<\/pre>\n
the code above will globally unlock all chilkat classes using your credentials supplied by chilkat<\/p>\n
Step 1 – Start Authentication<\/p>\n
Procedure OnClick\r\n Handle hoOauth2 hoSbJson\r\n Boolean iSuccess bTemp1\r\n String sUrl sTemp1\r\n Integer iNumMsWaited iTemp1\r\n\r\n \/\/ make sure chilkat is unlocked \r\n Send ChilkatGlobalUnlock \r\n \r\n \/\/ create oAuth2 object\r\n Get Create (RefClass(cComChilkatOAuth2)) to hoOauth2\r\n If (not(IsComObjectCreated(hoOauth2))) Begin\r\n Send CreateComObject of hoOauth2\r\n \r\n End\r\n \/\/ remember for step2\r\n Set phoOAuth2 to hoOauth2\r\n \r\n \/\/ For Google OAuth2, set the listen port equal to the port used\r\n \/\/ in the Authorized Redirect URL for the Client ID.\r\n \/\/ For example, in this case the Authorized Redirect URL would be http:\/\/localhost:55568\/\r\n \/\/ Your app should choose a port not likely not used by any other application.\r\n Set ComListenPort of hoOauth2 to 55568\r\n \r\n Set ComAuthorizationEndpoint of hoOauth2 to \"https:\/\/accounts.google.com\/o\/oauth2\/v2\/auth\"\r\n Set ComTokenEndpoint of hoOauth2 to \"https:\/\/www.googleapis.com\/oauth2\/v4\/token\"\r\n \r\n \/\/ Replace these with actual values.\r\n Set ComClientId of hoOauth2 to \"YOUR APPS CLIENT ID HERE\"\r\n Set ComClientSecret of hoOauth2 to \"YOUR APPS CLIENT SECRET HERE\"\r\n \r\n Set ComCodeChallenge of hoOauth2 to True\r\n Set ComCodeChallengeMethod of hoOauth2 to \"S256\"\r\n \r\n \/\/ This is the scope for Google Drive.\r\n \/\/ See https:\/\/developers.google.com\/identity\/protocols\/googlescopes\r\n Set ComScope of hoOauth2 to \"https:\/\/www.googleapis.com\/auth\/drive\"\r\n \r\n \/\/ Begin the OAuth2 three-legged flow. This returns a URL that should be loaded in a browser.\r\n Get ComStartAuth of hoOauth2 to sUrl\r\n Get ComLastMethodSuccess of hoOauth2 to bTemp1\r\n If (bTemp1 <> True) Begin\r\n Get ComLastErrorText of hoOauth2 to sTemp1\r\n Showln sTemp1\r\n Procedure_Return\r\n End\r\n \r\n Send ShowGoogleLogin sUrl\r\nEnd_Procedure<\/pre>\n
The OnClick procedure above first creates a chilkat oAuth2 object. We remeber the object id in a property for step 2 later.<\/p>\n
oAuth2 uses a local port to communicate. In this case we use a port that is likely not used. A better implementation would be to find a random unused port.<\/p>\n
We set the endpoints to the google endpoints<\/p>\n
We also need to set the client id and client secret. These are supplied to you when registering your application with google<\/p>\n
We also need to set the scope of our authentication which will tell Google what services we are trying to authenticate for.<\/p>\n
The next step is to start the authentication process. This will return a URL that needs to be shown to the user.<\/p>\n
The last line\u00a0Send ShowGoogleLogin sUrl<\/em> will be handled in our next step<\/p>\n
Show the Url in the browser<\/h1>\n
We need to be able to show the url returned by the authentication process to the user.<\/p>\n
For this example i decided to use a web browser in a view but you can also simply launch a web browser as a separate application. There is no connection needed between our application and the browser<\/p>\n
The code for the browser view is as follows<\/p>\n
Use Windows.pkg\r\nUse DFClient.pkg\r\nUse cComWebBrowser.pkg\r\n\r\nActivate_View Activate_oBrowserView for oBrowserView\r\nObject oBrowserView is a dbView\r\n Property String psUrlToNavigate \"\"\r\n \r\n Set Border_Style to Border_Thick\r\n Set Size to 200 300\r\n Set Location to 2 2\r\n Set Label to \"BrowserView\"\r\n\r\n Object oWebBrowser is a cComWebBrowser\r\n Set Size to 254 497\r\n Set Location to 34 21\r\n Set peAnchors to anAll\r\n \r\n \/\/ When the control is created, point to a default web site\r\n Procedure OnCreate\r\n Forward Send OnCreate\r\n Send ComNavigate (psUrlToNavigate(Self)) 0 0 0 0\r\n End_Procedure\r\n End_Object\r\n\r\nEnd_Object\r\n\r\nProcedure ShowGoogleLogin String sURL\r\n Set psUrlToNavigate of oBrowserView to sURL\r\n Send Activate_oBrowserView\r\nEnd_Procedure<\/pre>\n
Now we need to create the second part of our authentication that needs to be executed after the user actually authenticates<\/p>\n
Procedure OnClick\r\n Handle hoOauth2\r\n Integer iNumMsWaited iTemp1 iSuccess\r\n String sTemp1\r\n \r\n Get phoOAuth2 to hoOauth2\r\n \r\n \/\/ Now wait for the authorization.\r\n \/\/ We'll wait for a max of 30 seconds.\r\n Move 0 to iNumMsWaited\r\n While ((iNumMsWaited < 30000) and ((ComAuthFlowState(hoOauth2)) < 3))\r\n Send ComSleepMs to hoOauth2 100\r\n Move (iNumMsWaited + 100) to iNumMsWaited\r\n Loop\r\n \r\n \/\/ If there was no response from the browser within 30 seconds, then\r\n \/\/ the AuthFlowState will be equal to 1 or 2.\r\n \/\/ 1: Waiting for Redirect. The OAuth2 background thread is waiting to receive the redirect HTTP request from the browser.\r\n \/\/ 2: Waiting for Final Response. The OAuth2 background thread is waiting for the final access token response.\r\n \/\/ In that case, cancel the background task started in the call to StartAuth.\r\n Get ComAuthFlowState of hoOauth2 to iTemp1\r\n If (iTemp1 < 3) Begin\r\n Get ComCancel of hoOauth2 to iSuccess\r\n Showln \"No response from the browser!\"\r\n Procedure_Return\r\n End\r\n \r\n \r\n \/\/ Check the AuthFlowState to see if authorization was granted, denied, or if some error occurred\r\n \/\/ The possible AuthFlowState values are:\r\n \/\/ 3: Completed with Success. The OAuth2 flow has completed, the background thread exited, and the successful JSON response is available in AccessTokenResponse property.\r\n \/\/ 4: Completed with Access Denied. The OAuth2 flow has completed, the background thread exited, and the error JSON is available in AccessTokenResponse property.\r\n \/\/ 5: Failed Prior to Completion. The OAuth2 flow failed to complete, the background thread exited, and the error information is available in the FailureInfo property.\r\n Get ComAuthFlowState of hoOauth2 to iTemp1\r\n If (iTemp1 = 5) Begin\r\n Showln \"OAuth2 failed to complete.\"\r\n Get ComFailureInfo of hoOauth2 to sTemp1\r\n Showln sTemp1\r\n Procedure_Return\r\n End\r\n \r\n Get ComAuthFlowState of hoOauth2 to iTemp1\r\n If (iTemp1 = 4) Begin\r\n Showln \"OAuth2 authorization was denied.\"\r\n Get ComAccessTokenResponse of hoOauth2 to sTemp1\r\n Showln sTemp1\r\n Procedure_Return\r\n End\r\n \r\n Get ComAuthFlowState of hoOauth2 to iTemp1\r\n If (iTemp1 <> 3) Begin\r\n Get ComAuthFlowState of hoOauth2 to iTemp1\r\n Showln \"Unexpected AuthFlowState:\" iTemp1\r\n Procedure_Return\r\n End\r\n \r\n \/\/ Save the full JSON access token response to a file.\r\n Integer hoSbJson\r\n Get Create (RefClass(cComChilkatStringBuilder)) to hoSbJson\r\n If (not(IsComObjectCreated(hoSbJson))) Begin\r\n Send CreateComObject of hoSbJson\r\n End\r\n Get ComAccessTokenResponse of hoOauth2 to sTemp1\r\n Get ComAppend of hoSbJson sTemp1 to iSuccess\r\n Get ComWriteFile of hoSbJson \"qa_data\/tokens\/googleDrive.json\" \"utf-8\" False to iSuccess\r\n \r\n Showln \"OAuth2 authorization granted!\"\r\n Get ComAccessToken of hoOauth2 to sTemp1\r\n Showln \"Access Token = \" sTemp1\r\n \r\n Send Destroy to hoSbJson \r\n Send Destroy to hoOauth2\r\n Set phoOAuth2 to 0\r\nEnd_Procedure\r\n\r\n<\/pre>\n
After validating that there was a proper response from the authentication server we get the response that includes the token and other information<\/p>\n
To run this example click the first button. This will initiate the authentication process and then show the browser window with a goggle login (the login may be skipped if you are already logged in to google).<\/p>\n
After logging in google will ask if you want to authorize the application. Allow the authorization and then close the browser window.<\/p>\n
Now you can click the second button and the application will then get the authentication token that can be used to authenticate for any service calls later.<\/p>\n\n\t\t
\n\t\t\t\n\t\t\t\t\n\t\t\t
\n\t\t\t