Amber Web Authorization Framework
API DocumentationOAuth2AcPkce QML Type
A helper for OAuth2 Authorize Code With PKCE flows. More...
| Import Statement: | import Amber.Web.Authorization 1.0 |
Properties
- authorizationEndpoint : string
- clientId : string
- clientSecret : string
- codeChallenge : string
- codeChallengeMethod : string
- codeVerifier : string
- customParameters : string
- redirectUri : string
- scopes : string
- scopesSeparator : string
- state : string
- timeout : int
- tokenEndpoint : string
- userAgent : string
Signals
- errorOccurred(var code, var message)
- receivedAccessToken(var token)
- receivedAuthorizationCode()
Methods
Detailed Description
This helper type provides a simple API to allow the client application to request an access token from the remote OAuth2-enabled service.
It integrates an OAuth2 helper and a RedirectListener helper, and exposes the various properties which are required for the OAuth2 Authorize Code With PKCE flow.
Example of use:
import QtQml 2.0
import Amber.Web.Authorization 1.0
OAuth2AcPkce {
id: googleOAuth
property var xhr
clientId: "" // use your app's clientId value
clientSecret: "" // use your app's clientSecret value
redirectListener.port: 7357 // your app's localhost redirect port. Not required for Google.
scopes: ["https://www.googleapis.com/auth/userinfo.email","https://www.googleapis.com/auth/userinfo.profile"]
tokenEndpoint: "https://accounts.google.com/o/oauth2/token"
authorizationEndpoint: "https://accounts.google.com/o/oauth2/auth"
customParameters: ({ "prompt":"consent" })
onErrorOccurred: console.log("Google OAuth2 Error: " + error.code + " = " + error.message + " : " + error.httpCode)
onReceivedAuthorizationCode: {
console.log("Got auth code, about to request token.")
customParameters = {}
}
onReceivedAccessToken: {
console.log("Got access token: " + token.access_token)
xhr = authenticatedRequest("GET", "https://www.googleapis.com/oauth2/v2/userinfo",
"Bearer " + token.access_token)
}
function authenticatedRequest(method, url, authorization) {
var req = new XMLHttpRequest()
req.onreadystatechange = function() {
if (req.readyState == XMLHttpRequest.DONE) {
var response = req.responseText
console.log(response)
}
}
req.open(method, url)
req.setRequestHeader("Authorization", authorization)
req.send()
return req
}
Component.onCompleted: googleOAuth.authorizeInBrowser()
}See also OAuth2 and RedirectListener.
Property Documentation
The authorizationEndpoint value for the integrated OAuth2 helper.
It is a mandatory property.
The clientId value for the integrated OAuth2 helper.
It is a mandatory property.
The clientSecret value for the integrated OAuth2 helper.
It is an optional property, however it is required by some services (e.g. Google).
The codeChallenge value reported by the integrated OAuth2 helper.
It is a read-only property. Most clients will not need to use this property.
The codeChallengeMethod value reported by the integrated OAuth2 helper.
It is a read-only property. Most clients will not need to use this property.
The codeVerifier value for the integrated OAuth2 helper.
The default value is a cryptographically-random value generated automatically by the helper.
It is a mandatory property.
The customParameters value for the integrated OAuth2 helper.
Some services require some custom parameters to be specified at various stages of the OAuth2 flow, or will return more data if the client specifies particular custom parameters (e.g. returning a "refresh_token" if the custom parameter "access_type"="offline" is specified).
It is an optional property.
The redirectUri value for the integrated OAuth2 helper.
By default, it is bound to the uri value of the integrated RedirectListener helper, but the client application can set it to another URI if it is handling redirects manually.
It is a mandatory property.
The scopes which the application will request access to.
The scopes will be joined using the specified scopesSeparator and the result will be used as the scope value for the for the integrated OAuth2 helper.
It is a mandatory property.
The separator to use when building a valid scope value.
This separator value will be used when joining the specified scopes together into a valid scope value for the for the integrated OAuth2 helper.
The default value of this property is a single space (i.e., ' '), but different services may require a different value (e.g., ',').
It is an optional property.
The state value for the integrated OAuth2 helper.
The default value is a cryptographically-random value generated automatically by the helper.
It is an optional property.
The timeout value for the integrated RedirectListener helper.
It is an optional property.
The tokenEndpoint value for the integrated OAuth2 helper.
It is a mandatory property.
The userAgent value for the integrated OAuth2 helper.
It is an optional property.
Signal Documentation
This signal is emitted if an error occurs during the OAuth2 flow.
This signal is emitted after receiving the access token.
The token is a dictionary of key/value pairs, and should include a value for the "access_token" key. It may optionally include other values, including "expires_in" or "refresh_token".
This signal is emitted after receiving the code, prior to requesting the access token.
The client application can connect to this signal if it needs to specify different customParameters for the access token request.
Method Documentation
Returns a valid authorization URL which can be loaded in the system web browser.
If the redirectUri is not manually specified by the client, the helper will automatically use the integrated RedirectListener helper and ensure that it starts listening.
Generates a valid authorization URL and attempts to load it in the system web browser.
If the redirectUri is not manually specified by the client, the helper will automatically use the integrated RedirectListener helper and ensure that it starts listening.