4D NetKit: Use your web server host ports to retrieve your OAuth 2.0 authentication response



Product

When using OAuth 2.0 authentication with 4D NetKit, you must define a redirect URI to indicate where the OAuth 2.0 server should return the authentication result. With 4D 20 R9, you can now use your host web server’s address and ports to retrieve your authentication responses. This enhancement streamlines the authentication process, prevents port conflicts, and improves security.

$credential:={}
$credential.name:="Microsoft"   // or "Google
$credential.permission:="signedIn"
$credential.clientId:="bbbxxx"
$credential.redirectURI:="http://127.0.0.1:80/authorize/"
var $provider:=cs.NetKit.OAuth2Provider.new($credential)

When using cs.NetKit.OAuth2Provider.new($credential), 4D NetKit determines whether to use the host web server or the 4D NetKit component web server based on the specified redirect URI.

  • If the redirectURI port matches the host web server port, 4D NetKit will automatically use the host web server to retrieve authentication responses.

  • If the port is omitted, standard ports are used:

    • The host web server is used if the host database is configured with the default port (Port 80 for HTTP and port 443 for HTTPS).

    • Otherwise, the 4D NetKit web server is used.

  • For any other case, 4D NetKit defaults to its own internal web server.

RedirectURI example based on the Host Web Server configuration with HTTP port = 80

  • Using the 4D host port → 4D host server is used

    $param.redirectURI:="http://127.0.0.1:80/authorize/"

  • Omission of port, default HTTP port is 80 → 4D host server is used

    $param.redirectURI:="http://127.0.0.1/authorize/"

  • Using a custom port → 4D NetKit server is used

    $param.redirectURI:="http://127.0.0.1:50993/authorize/"

Handling Authentication Responses with an HTTP Handler

If the host web server is used for authentication, developers must add an HTTP handler in the host database. This ensures that authentication responses are properly received and processed.

When permission=”signedIn” and 4D NetKit uses the host web server, the following handler should be added to the Project/Sources/HTTPHandlers.json file:

[
  {
    "class": "NetKit.OAuth2Authorization",
    "method": "getResponse",
    "regexPattern": "/authorize",
    "verbs": "get"
  }
]

Conclusion

By using the new OAuth 2.0 authentication enhancements in 4D NetKit, developers can simplify their authentication process by ensuring compatibility with their existing host web server configuration.

Discuss

Tags , , ,

Fabrice Mainguené
• Product Owner •Fabrice Mainguené joined 4D Program team in November, 2016. As a Product Owner, he is in charge of writing the user stories then translating it to functional specifications. His role is also to make sure that the feature implementation delivered is meeting the customer need.After obtaining a Bachelor degree in Computer Science at CNAM, Fabrice joined a small software publishing company as a Windev developer. Then he worked for different companies in industry and trade areas as a Windev and web developer as well as technical advisor on new features.