|
TIBCO EMS .NET API 10.4
TIBCO EMS .NET API 10.4
|
Provides methods which are used to enable or disable debug tracing for OAuth 2.0 authentication. More...
Static Public Member Functions | |
| static bool | GetDebugTraceEnabled () |
| Returns true if debug tracing is enabled. More... | |
| static void | SetDebugTraceEnabled (bool enabled) |
| Enables additional debug tracing. More... | |
| static void | SetClientTracer (StreamWriter tracer) |
| Set client tracer to given output stream. Specify null as parameter to disable client tracing. Client tracing prints information about the OAuth 2.0 authentication process. More... | |
| static StreamWriter | GetClientTracer () |
| Returns client tracer, or null if client tracing is disabled. More... | |
Provides methods which are used to enable or disable debug tracing for OAuth 2.0 authentication.
NOTE: All properties relating to OAuth 2.0 authentication are part of the Tibems package. This allows client applications built prior to release 10.4 to make use of the OAuth 2.0 authentication feature without the need for source code changes and rebuilds. The sections below provide an overview of OAuth 2.0 support in the client.
OAuth 2.0 Grants
Connection factories that are configured with OAuth 2.0 properties will create connection objects capable of automatically requesting access tokens from an OAuth 2.0 authorization server and using them to authenticate with the EMS server.
Two authorization grant types are supported for obtaining access tokens in this manner: client credentials grant and resource owner password credentials grant. If the 'userName' parameter for the connection creation method is null, the client credentials grant is used. If the 'userName' parameter is not null, the resource owner password credentials grant is used, with the 'userName' and 'password' parameter values serving as the username and password credentials for the grant.
Refresh tokens are supported when using the resource owner password credentials grant type. If the authorization server issues a refresh token along with the requested access token, the connection object will use that refresh token instead of the grant the next time it needs to request an access token. If it fails to obtain a new access token using the refresh token, it will try again using the grant.
User-Defined Callbacks
Client applications can define callbacks for obtaining access tokens and register them with connection factories. Connections created using a particular factory will invoke the callback any time a new access token is required for authentication. See Tibems.PROP_OAUTH2_TOKEN_FETCH_CALLBACK_OBJECT and IOAuth2TokenFetchCallback for more information.
If a callback is registered with a connection factory, connections created using the factory will not attempt to obtain access tokens from an authorization server using OAuth 2.0 grants - even if the relevant OAuth 2.0 properties are set.
Configured Access Token
Connection factories can also directly be configured with an access token in the form of an OAuth 2.0 property. All connection objects created using the connection factory will use the configured access token for authentication. See Tibems.PROP_OAUTH2_ACCESS_TOKEN for more information.
Explicitly configuring an access token in a connection factory disables all other methods of obtaining access tokens for that factory. Connections created using the factory will always use the configured token for authentication.
In the event of access token expiration, connections that use OAuth 2.0 grants or user-defined callbacks will automatically obtain a new access token and re-authenticate with the EMS server. However, connections that use a configured access token will not be able to handle this scenario and will experience authentication failures.
Configuring OAuth 2.0 Authentication
OAuth 2.0 authentication can be configured programmatically using ConnectionFactory properties, through Tibems.SetProperty, or environment variables prior to starting the client application. Configuration using ConnectionFactory properties is the preferred method as this allows fine-grained control over the OAuth 2.0 properties for each individual factory. In contrast, OAuth 2.0 properties set through Tibems.SetProperty or environment variables apply to all connection factories created by the client application.
OAuth 2.0 properties set via ConnectionFactory properties take precedence over values set through Tibems.SetProperty. In turn, values configured through Tibems.SetProperty take priority over values set through environment variables.
|
inlinestatic |
Returns client tracer, or null if client tracing is disabled.
Since EMS 10.4.0
|
inlinestatic |
Returns true if debug tracing is enabled.
Since EMS 10.4.0
|
inlinestatic |
Set client tracer to given output stream. Specify null as parameter to disable client tracing. Client tracing prints information about the OAuth 2.0 authentication process.
Since EMS 10.4.0
|
inlinestatic |
Enables additional debug tracing.
Since EMS 10.4.0