OAuth 2.0 Server

Server-side OAuth 2.0 protector for sgcWebSockets HTTP and WebSocket servers. Verify access tokens via JWT validation or RFC 7662 introspection.

AUF EINEN BLICK

TsgcHTTP_OAuth2_Server

Lightweight resource-server component — verifies inbound Bearer tokens via JWT signature checks or RFC 7662 token introspection, then exposes the parsed claims to your application.

Komponentenklasse

TsgcHTTP_OAuth2_Server

Protokoll

OAuth 2.0 (RFC 6749)

Plattformen

Windows, macOS, Linux, iOS, Android

Edition

Enterprise

SCHNELLSTART

Drop, attach to your server, accept tokens

Configure JWT key (or introspection URL), then attach to TsgcWebSocketHTTPServer.OAuth2 — incoming requests get token-verified before your handler fires.

uses
  sgcWebSocket, sgcHTTP;

var
  Server: TsgcWebSocketHTTPServer;
  OAuth2: TsgcHTTP_OAuth2_Server;
begin
  OAuth2 := TsgcHTTP_OAuth2_Server.Create(nil);
  OAuth2.OAuth2Options.JWT.Algorithms.HS.Secret := 'shared-secret';

  Server := TsgcWebSocketHTTPServer.Create(nil);
  Server.Port := 8443;
  Server.SSL  := True;
  Server.Authentication.OAuth2.Enabled := True;
  Server.Authentication.OAuth2.Server  := OAuth2;

  Server.Active := True;
end;
// uses: sgcWebSocket, sgcHTTP
TsgcHTTP_OAuth2_Server *OAuth2 = new TsgcHTTP_OAuth2_Server(this);
OAuth2->OAuth2Options->JWT->Algorithms->HS->Secret = "shared-secret";

TsgcWebSocketHTTPServer *Server = new TsgcWebSocketHTTPServer(this);
Server->Authentication->OAuth2->Enabled = true;
Server->Authentication->OAuth2->Server  = OAuth2;
Server->Active = true;
TECHNISCHE FUNKTIONEN

Was steckt drin

Resource-server component that protects HTTP and WebSocket endpoints with JWT-validated or introspection-validated access tokens.

JWT validation

Built-in JWT verifier (HS / RS / ES / EdDSA) against either a static key or a JWKS endpoint — no round trip to the issuer for self-contained tokens.

Token introspection

Set OAuth2Options.IntrospectionURL per RFC 7662 — the component POSTs the inbound token to the issuer and caches the active/inactive result with a TTL.

Scope enforcement

Attach OAuth2Options.RequiredScope to limit access to tokens carrying the chosen scope. OnAuthError reports the rejection reason.

WebSocket-aware

Works with both HTTP requests and WebSocket upgrades — the upgrade Authorization header (or query token) is verified before OnConnect.

OnVerify hook

Implement OnVerify for custom claim checks (multi-tenant aud, dynamic scope mapping, account-status). Return Accept = False to short-circuit with 401.

Provider sibling

TsgcHTTP_OAuth2_Server_Provider turns this component into a full authorization server (issuer): authorize, token and revoke endpoints with persistent client/refresh-token storage.

STANDARDS

Spezifikationen & Referenzen

Maßgebliche Quellen für die Standards, die diese Komponente implementiert.

RESSOURCEN

Dokumentation & Demos

Springe direkt zur Komponentenreferenz, lade das einsatzbereite Demo-Projekt herunter und teste die Testversion.

Online Help — TsgcHTTP_OAuth2_Server Vollständige Eigenschaften-, Methoden- und Ereignisreferenz für diese Komponente. Öffnen
Demo Project — Demos\20.HTTP_Protocol\02.OAuth2_Authentication Einsatzbereites Beispielprojekt. Im sgcWebSockets-Paket enthalten — lade unten die Testversion herunter. Öffnen
Technisches Dokument (PDF) Funktionen, Schnellstart, Codebeispiele für Delphi & C++ Builder und Primärquellenreferenzen — nur für diese Komponente. Öffnen
Benutzerhandbuch (PDF) Umfassendes Handbuch zu jeder Komponente der Bibliothek. Öffnen

Ready to Protect APIs with OAuth 2.0?

Download the free trial and add OAuth 2.0 token validation to your Delphi servers.

Kostenlose Testversion herunterladen Preise ansehen