OAuth 2.0 Client
OAuth 2.0 / OAuth 2.1 client component — Authorization Code with PKCE, Client Credentials, Device Code, refresh-token rotation and built-in browser flow.
OAuth 2.0 / OAuth 2.1 client component — Authorization Code with PKCE, Client Credentials, Device Code, refresh-token rotation and built-in browser flow.
Implements the OAuth 2.0 / 2.1 client side — covers Authorization Code (with PKCE), Client Credentials, Device Code and refresh-token flows. Includes a tiny embedded HTTP listener for the redirect URI.
TsgcHTTP_OAuth2_Client
Windows, macOS, Linux, iOS, Android
Standard / Professional / Enterprise
Configure ClientId / ClientSecret / Scope / Endpoints (or use a Provider preset for Google / Microsoft / GitHub), call StartAuthorization, then use Token in your HTTP calls.
uses
sgcHTTP;
var
OAuth2: TsgcHTTP_OAuth2_Client;
begin
OAuth2 := TsgcHTTP_OAuth2_Client.Create(nil);
OAuth2.OAuth2Options.ClientId := 'your-client-id';
OAuth2.OAuth2Options.ClientSecret := 'your-client-secret';
OAuth2.OAuth2Options.Scope := 'profile email';
OAuth2.OAuth2Options.RedirectURL := 'http://localhost:5555/callback';
OAuth2.OAuth2Options.AuthorizationURL := 'https://auth.example.com/authorize';
OAuth2.OAuth2Options.TokenURL := 'https://auth.example.com/token';
OAuth2.OAuth2Options.PKCE := True;
// Spawns the user browser at the auth URL
OAuth2.StartAuthorization;
// ... user logs in, browser is redirected to the callback URL
// ... the component captures the code, exchanges for tokens
ShowMessage(OAuth2.AccessToken);
end;// uses: sgcHTTP
TsgcHTTP_OAuth2_Client *OAuth2 = new TsgcHTTP_OAuth2_Client(this);
OAuth2->OAuth2Options->ClientId = "your-client-id";
OAuth2->OAuth2Options->ClientSecret = "your-client-secret";
OAuth2->OAuth2Options->Scope = "profile email";
OAuth2->OAuth2Options->RedirectURL = "http://localhost:5555/callback";
OAuth2->OAuth2Options->PKCE = true;
OAuth2->StartAuthorization();Implements the OAuth 2.0 client surface with PKCE, refresh-token rotation and an embedded loopback redirect listener.
Authorization Code (with optional PKCE per RFC 7636), Client Credentials (RFC 6749 §4.4), Device Code (RFC 8628) and Refresh Token (RFC 6749 §6) are all supported as typed methods.
Toggle OAuth2Options.PKCE — the component generates the code_verifier / code_challenge pair and includes them per RFC 7636 (mandatory in OAuth 2.1).
Sibling components TsgcHTTP_OAuth2_Client_Google and TsgcHTTP_OAuth2_Client_Microsoft ship with the right endpoints and scopes pre-filled. Use the base class for everyone else.
The component spins up a tiny embedded HTTP listener on the configured RedirectURL, captures the authorization code, then shuts the listener down — no external web server required.
SaveToFile / LoadFromFile persist the refresh token (encrypted-at-rest if configured) so the user is not prompted on every app launch.
Pair with TsgcHTTPComponentClient, TsgcHTTP2Client or TsgcWebSocketClient via Authentication.Token.OAuth2 — the bearer token is injected on every request automatically.
Fuentes autorizadas de los estándares que implementa este componente.
Enlace directo a la referencia del componente, descarga el proyecto demo listo para ejecutar y la prueba gratuita.
| Online Help — TsgcHTTP_OAuth2_Client Referencia completa de propiedades, métodos y eventos de este componente. | Abrir | |
| Demo Project — Demos\20.HTTP_Protocol\02.OAuth2_Authentication Proyecto de ejemplo listo para ejecutar. Se incluye en el paquete sgcWebSockets — descarga la prueba gratuita más abajo. | Abrir | |
| Documento técnico (PDF) Características, inicio rápido, ejemplos de código para Delphi y C++ Builder y referencias de fuentes primarias — solo este componente. | Abrir | |
| Manual de usuario (PDF) Manual completo que cubre todos los componentes de la biblioteca. | Abrir |