May 06, 2024 03:05 Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients Sample Parameters Returns Supported Clients SampleSupported Clients
NGClient
Methods Summary
OAuthServiceBuilder
additionalParameters(params)
Add some more parameters to the authorization url.
OAuthService
build(api)
Creates an OAuth service that can be used to obtain an access token and access protected data.
OAuthService
build(api)
Creates an OAuth service that can be used to obtain an access token and access protected data.
OAuthServiceBuilder
callback(callback, timeout)
Configure the service with a callback function to be executed when the service is ready to use.
OAuthServiceBuilder
clientSecret(clientSecret)
Set the client secret of the application.
OAuthServiceBuilder
deeplink(deeplink)
OPTIONAL This is a way to override the default deeplink method name, which is 'deeplink_svy_oauth'.
OAuthServiceBuilder
defaultScope(scope)
Request always the same scope.
OAuthServiceBuilder
domain(domain)
Set the domain if the API supports it (e.
OAuthServiceBuilder
responseMode(mode)
Configure if the code/tokens are going to be received as a query or as a url fragment.
OAuthServiceBuilder
responseType(response_type)
Configures the OAuth flow.
OAuthServiceBuilder
scope(scope)
Request any unique scope per each access token request.
OAuthServiceBuilder
state(state)
Configures the anti forgery session state.
OAuthServiceBuilder
tenant(tenant)
Set the tenant identifiers/organization if the API supports it (e.
Methods Details
additionalParameters(params)
Add some more parameters to the authorization url.
Object
params
a json containing the parameters and their values
e.g. {'param1': 'value1', 'param2': 'value2'}
build(api)
Creates an OAuth service that can be used to obtain an access token and access protected data.
CustomApiBuilder
api
a custom api, see plugins.oauth.customApi
build(api)
Creates an OAuth service that can be used to obtain an access token and access protected data.
String
api
an OAuth provider id, see plugins.oauth.OAuthProviders
callback(callback, timeout)
Configure the service with a callback function to be executed when the service is ready to use.
After the access token is returned by the server, this callback function is executed.
Function
callback
a function in a scope or form
Number
timeout
max number of seconds in which the callback method should be executed (with success or error message)
Please note that the timeout should be enough for the user to login and accept permissions.
clientSecret(clientSecret)
Set the client secret of the application.
String
clientSecret
a secret known only to the application and the authorization server
deeplink(deeplink)
OPTIONAL This is a way to override the default deeplink method name, which is 'deeplink_svy_oauth'.
The deeplink method is a global method that receives the code needed to obtain the access token from the OAuth provider.
NOTE: The deeplink method name is strongly related to the redirect url configured for the application.
If the OAuth provider (eg. Microsoft AD, Likedin) requires to configure a full redirect url then it should be of the form:
https://example.com/<solution_name>/m/<deeplinkmethod> - where <deeplinkmethod> is the name configured with the service builder
https://example.com/<solution_name>/m/deeplink_svy_oauth - if the deeplink method name was not overridden
If the deeplink method with the provided name does not exist in the solution,
then a default deeplink method is generated under the hood with the solution model.
If a global method with the provided name already exists in the solution, then it should set the access
token on the service and handle possible errors.
String
deeplink
a global scope method name
defaultScope(scope)
Request always the same scope.
Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account.
An application can request one or more scopes, separated by space.
This information is then presented to the user in the consent screen, and the access token issued
to the application will be limited to the scopes granted.
String
scope
the default scope
domain(domain)
Set the domain if the API supports it (e.g.Okta)
String
domain
;
responseMode(mode)
Configure if the code/tokens are going to be received as a query or as a url fragment.
Will be ignored if the response type is token/id_token or if the oauth provider does not support it.
For the "fragment" response mode the redirect url configured for the oauth app needs to be of the following form
https://example.com/servoy-service/oauth/solutions/<solution_name>/m/<deeplinkmethod> - where <deeplinkmethod> is the name configured with the service builder
String
mode
can be "query" or "fragment"
responseType(response_type)
Configures the OAuth flow. Defaults to "code" (authorization code flow) if not set.
Use response type "token" for the implicit grant flow.
Use response type "id_token" for OpenID Connect sign-in. In this case the response is a JWT token which can be used to verify the identity of a user.
OAuth providers may allow combinations of "code" "id_token" "token".
String
response_type
one or a combination of "code" "id_token" "token"
scope(scope)
Request any unique scope per each access token request.
Scope is a mechanism in OAuth 2.0 to limit an application's access to a user's account.
An application can request one or more scopes, separated by space.
This information is then presented to the user in the consent screen, and the access token issued
to the application will be limited to the scopes granted.
String
scope
one or multiple scopes separated by space
state(state)
Configures the anti forgery session state. This is required in some APIs (like Facebook's).
String
state
;
tenant(tenant)
Set the tenant identifiers/organization if the API supports it (e.g.Microsoft AD)
String
tenant
;