Amber Web Authorization Framework
API DocumentationOAuth2Implicit QML Type
A helper for OAuth2 Implicit flows. More...
| Import Statement: | import Amber.Web.Authorization 1.0 |
Properties
- authorizationEndpoint : string
- clientId : string
- clientSecret : string
- customParameters : string
- redirectUri : string
- scopes : string
- scopesSeparator : string
- state : string
- timeout : int
- tokenEndpoint : string
- userAgent : string
Signals
- errorOccurred(var code, var message)
- receivedAccessToken(var token)
Methods
Detailed Description
This helper type provides a simple API to allow the client application to request an access token from the remote OAuth2-enabled service.
It integrates an OAuth2 helper and a RedirectListener helper, and exposes the various properties which are required for the OAuth2 Implicit flow.
Note: the Implicit flow is not recommended for use by new clients, who should prefer to use the Authorization Code With PKCE flow instead.
See also OAuth2, OAuth2AcPkce, and RedirectListener.
Property Documentation
The authorizationEndpoint value for the integrated OAuth2 helper.
It is a mandatory property.
The clientId value for the integrated OAuth2 helper.
It is a mandatory property.
The clientSecret value for the integrated OAuth2 helper.
It is an optional property, however it is required by some services (e.g. Google).
The customParameters value for the integrated OAuth2 helper.
Some services require some custom parameters to be specified at various stages of the OAuth2 flow, or will return more data if the client specifies particular custom parameters (e.g. returning a "refresh_token" if the custom parameter "access_type"="offline" is specified).
It is an optional property.
The redirectUri value for the integrated OAuth2 helper.
By default, it is bound to the uri value of the integrated RedirectListener helper, but the client application can set it to another URI if it is handling redirects manually.
It is a mandatory property.
The scopes which the application will request access to.
The scopes will be joined using the specified scopesSeparator and the result will be used as the scope value for the for the integrated OAuth2 helper.
It is a mandatory property.
The separator to use when building a valid scope value.
This separator value will be used when joining the specified scopes together into a valid scope value for the for the integrated OAuth2 helper.
The default value of this property is a single space (i.e., ' '), but different services may require a different value (e.g., ',').
It is an optional property.
The state value for the integrated OAuth2 helper.
The default value is a cryptographically-random value generated automatically by the helper.
It is an optional property.
The timeout value for the integrated RedirectListener helper.
It is an optional property.
The tokenEndpoint value for the integrated OAuth2 helper.
It is a mandatory property.
The userAgent value for the integrated OAuth2 helper.
It is an optional property.
Signal Documentation
This signal is emitted if an error occurs during the OAuth2 flow.
This signal is emitted after receiving the access token.
The token is a dictionary of key/value pairs, and should include a value for the "access_token" key. It may optionally include other values, including "expires_in" or "refresh_token".
Method Documentation
Returns a valid authorization URL which can be loaded in the system web browser.
If the redirectUri is not manually specified by the client, the helper will automatically use the integrated RedirectListener helper and ensure that it starts listening.
Generates a valid authorization URL and attempts to load it in the system web browser.
If the redirectUri is not manually specified by the client, the helper will automatically use the integrated RedirectListener helper and ensure that it starts listening.