Chilkat 13-April-2022 – OAuth2 authentication for desktop apps.
OAuth2 authentication for desktop apps.
Many developers don’t realize that the Chilkat OAuth2 class is for desktop applications. Doing OAuth2 in a web application (where your code runs on a web server) is relatively easy and does not require Chilkat (although Chilkat can be used to assist with some mundane tasks). Working/live examples are provided on the Chilkat Tools site: OAuth2 in ASP.NET and OAuth2 for Classic ASP.
To better explain the OAuth2 class for desktop applications: The call to OAuth2.StartAuth does 2 things:
- Returns a URL that you’ll open in a browser to interactively get authorization from the account owner.
- Starts a background thread to act as a web server for the redirect request that will be forwarded from the local web browser.
You’ll specify a “http://localhost:<portNumber>/” as the callback URI in the web portal where you define your app.
The callback comes to Chilkat’s background thread which is waiting for the HTTP request at the given port number.
Note: The callback URI cannot be “https://” because your application does not have a SSL/TLS server certificate the browser would accept. In any case, the HTTP request is from your local browser to your local application which are all running on the same machine, so really there’s no need for HTTPS.
*** Important: Make sure to specify “Web” as the type of app for your Redirect URI, even though your application is technically not a web app running on a web server. See https://cknotes.com/solution-for-azure-oauth2-error-public-clients-cant-send-a-client-secret/
Error LNK2001 unresolved external symbol __security_check_cookie
Question: A C project that was compiling without problem on VS2017, now VS2019 or 2022 when compiling (of course I used the right libs), generate the above linker error.
Solution: I think the issue is solved if your VS project is built with “Enable Security Check (/GS)”, which should be the default.
In your VS project properties, go to C/C++ –> Code Generation and look at the “Security Check” option. I suspect it was disabled and shows “Disable Security Check (/GS-)” whereas Chilkat is compiled with security checks enabled.
Have you guys ever had anyone connect to NetSuite?
Are you asking about stuff like this? — https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/chapter_1540809676.html
Chilkat hasn’t specifically tried creating examples for anything NetSuite related.
The Chilkat API is general purpose and can be applied to any REST or SOAP API. It’s just a matter of knowing what is needed (i.e. the content and format of the raw HTTP requests including HTTP verb, path, any header fields, authentication, and content of the body which is typically JSON or XML). If the service provider (such as NetSuite) provides good documentation, then it’s easy to understand and implement in Chilkat. (That’s a big IF, because documentation tends to be voluminous yet useless at the same time.)
Quite often service providers will provide documentation in the form of CURL statements. This makes it especially easy because the CURL statements can be copied into Chilkat’s online code generator at https://tools.chilkat.io/curlHttp to generate the code.
Also, if the service provider provides a PostMan collection, then it can be used w/ Chillkat’s online PostMan Collection Code Generator tool here: https://tools.chilkat.io/postmanCollection It allow you to upload a PostMan collection and dynamically generates the code samples contained within the collection.
Finally.. if the service provider (i.e. NetSuite) requires any custom or cryptographic computations (such as HMAC) that are non-standard, then Chilkat would need to provide an example (typically published to example-code.com) and Chilkat would also need to test with a trial or sandbox account. Usually in these cases, Chilkat tries to integrate the custom computation internally to make it automatic and easy for the application programmer.