For projects that will take place in the future, it is important that my own REST server will be created. Now, I have been working on this for a few weeks, and everything concerning the REST server is ready. I can give requests and receive responses. I am just missing the security through OAuth2.
After some research, I found the authorization server from carlosHE. Now, I have everything installed in Delphi, but I do not understand how I can get the authorization workable for my REST server.
Are there people who have experience with applying the OAuth2 protocol to REST servers using carlosHE/oauth2-server? Or, maybe there are other ways that work?
CodePudding user response:
Draft answer:
- The client must get an access token from the OAuth2 server. (how to authenticate the client is a different question)
- The access token must be stored server-side, so that the REST server can validate client REST requests.
- The client then can send REST requests which contain the access token. (typically sent as a HTTP header value)