ONLINE HELP
 WINDEVWEBDEV AND WINDEV MOBILE

This content has been translated automatically.  Click here  to view the French version.
Help / WLanguage / WLanguage functions / Communication / Managing the OAuth 2.0 protocol
  • Properties specific to OpenIDParameters variables
  • Property URLConfiguration
WINDEV
WindowsLinuxUniversal Windows 10 AppJavaReports and QueriesUser code (UMC)
WEBDEV
WindowsLinuxPHPWEBDEV - Browser code
WINDEV Mobile
AndroidAndroid Widget iPhone/iPadIOS WidgetApple WatchMac CatalystUniversal Windows 10 App
Others
Stored procedures
The type OpenIDParameters is used to define all the advanced features of an authentication for OpenID. You can define and change the characteristics of this authentication for OpenID using different WLanguage properties.
Remark: For more details on the declaration of this type of variable and the use of WLanguage properties, see Declaring a variable.
Example
OpenIDParams is OpenIDParameters
OpenIDParams.ConfigurationURL = "https://accounts.google.com/.well-known/OpenID-configuration"
OpenIDParams.ClientID = "1060349503186-pc7ahme???????7gk59q.apps.googleusercontent.com" 
OpenIDParams.ClientSecret = "oBTQL52?????y9-76MpiM"
OpenIDParams.RedirectionURL = "http://localhost:9846"

MonToken is AuthToken = AuthIdentify(OpenIDParams)
IF ErrorOccurred THEN
Error(ErrorInfo())
RETURN
END
MonIdentité is OpenIDIdentity = OpenIDReadIdentity(MonToken)
IF MonIdentité.Valid THEN
Trace(MonIdentité.Email)
Trace(MonIdentité.Name)
Trace(MonIdentité.FirstName)
END
Remarks

Properties specific to OpenIDParameters variables

The following properties can be used to handle the parameters of an OpenID authentication:
Property nameType usedEffect
ClientIDCharacter stringApplication identifier.
ClientSecretCharacter stringSecret application identifier.
ConfigurationURLCharacter stringOpenID service description URL (see Remarks). In general, providers who offer OpenID make this URL available. It has the following format:
https://<Domaine>/.well-known/OpenID-configuration
Some examples of URLs:
https://login.windows.net/contoso.onmicrosoft.com/
.well-known/OpenID-configuration
https://accounts.google.com/.well-known/openid-configuration
https://login.salesforce.com/.well-known/openid-configuration
https://login.yahoo.com/.well-known/openid-configuration
https://login.microsoftonline.com/contoso.onmicrosoft.com/
.well-known/openid-configuration
GrantTypeConstantGrant type available. The possible values are:
  • gtClientCredentials: Authentication without login window. The access authorization is given to the application (not to the user). The token provided to access the resources of the application is linked to the application itself.
  • gtAuthorizationCode (Default value): The access authorization is given to the user. a login window appears to let users enter their username and password. The access token is linked to the user.
RedirectionURLCharacter stringURL used to redirect the result.
ScopeCharacter stringRequested permissions. The possible values are specific to the web service used.

Property URLConfiguration

The ConfigurationURL property corresponds to a URL that contains the description of the OpenID service. This description has the following format (for Google, for example)::
{
"issuer": "https://accounts.google.com",
"authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",
"token_endpoint": "https://oauth2.googleapis.com/token",
"userinfo_endpoint": "https://www.googleapis.com/oauth2/v3/userinfo",
"revocation_endpoint": "https://oauth2.googleapis.com/revoke",
"jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",
"response_types_supported": [
 "code",
 "token",
 "id_token",
 "code token",
 "code id_token",
 "token id_token",
 "code token id_token",
 "none"
],
"subject_types_supported": [
 "public"
],
"id_token_signing_alg_values_supported": [
 "RS256"
],
"scopes_supported": [
 "openid",
 "email",
 "profile"
],
"token_endpoint_auth_methods_supported": [
 "client_secret_post",
 "client_secret_basic"
],
"claims_supported": [
 "aud",
 "email",
 "email_verified",
 "exp",
 "family_name",
 "given_name",
 "iat",
 "iss",
 "locale",
 "name",
 "picture",
 "sub"
],
"code_challenge_methods_supported": [
 "plain",
 "S256"
]
}
The necessary parts are as follows:
  • authorization_endpoint: Authorization URL.
  • token_endpoint: URL for retrieving the token.
  • scopes_supported: List of information that can be retrieved.
Minimum version required
  • Version 24
This page is also available for…
Comments
Click [Add] to post a comment

Last update: 02/02/2024

Send a report | Local help