OAuth Callback

Hi,

I have my own OAuth to access HMRC which has always worked fine but when I compile it with the latest version I get the response back in the window created for the HMRC login rather than to the main window. I callback is defined.

Last time I compiled the project was in June 2021. How do I get it to work as it used to. The code has not changed.

Thanks,

Ken

Do you have more details about how exactly you use this?
We can't see changes here at first sight that could have effects on OAuth.

procedure TMainForm.btnAuthClick(Sender: TObject);
var
  URL:String;
  ScriptSrc,State,Scope:String;
  GUID:TGUID;
  Fm:TMainForm;
begin
  MainInfoPanel.Visible:=False;
  if tblCompanies.State in [dsEdit,dsInsert] then
  begin
    ShowInfo(False,rsPleaseSaveYourChangesFirst);
    Exit;
  end;
  if not CallbackEventRegistered then
  begin
    document.addEventListener('oauthcallback', @HandleAccessToken);
    CallbackEventRegistered:=True;
    ScriptSrc:=
      'function processAuthData(access_token) {'+
      'var event = new CustomEvent("oauthcallback", {'#13+
      ' detail: {'#13+
      '  message: access_token'#13+
      '},'#13+
      ' bubbles: true,'#13+
      ' cancelable: true});'#13+
      ' document.dispatchEvent(event);'+
      '}';
    asm
      var script = document.createElement("script");
      script.innerHTML = ScriptSrc;
      document.head.appendChild(script);
      var scr = document.createElement('script');
      scr.async = true;
      scr.defer = true;
      scr.type = 'text/javascript';
      document.body.appendChild(scr);
    end;
  end;
  CreateGUID(GUID);
  State:=GUIDToString(GUID);
  State:=Copy(State,2,Length(State)-2);
  Scope:='&scope=read:vat%20write:vat&state=';
  URL:=HMRCAuthorizationEndpoint+'?response_type=code&client_id='+SA_Client_ID+Scope+State+
    '&redirect_uri='+encodeURIComponent(SA_Redirect_URL);
  Fm:=Self;
  asm
    var w = 800;
    var h = 600;
    var y = (window.outerHeight/2)+window.screenY-(h/2);
    var x = (window.outerWidth/2)+window.screenX-(w/2);
    var authWin = window.open(URL,'oauth','width='+w+',height='+h+',location=no,toolbar=no,menubar=no,titlebar=no,'+
      'directories=no,status=no,top='+y+',left='+x);
//    var pollTimer = setInterval(function() {
//      if (authWin.closed) {
//        clearInterval(pollTimer);
//        $impl.AuthWindowClosed(Fm);
//      }
//    },1000);
  end;
end;

With such partial code snippet, it is all guesswork. There is no info here where HandleAccessToken comes from, what it does, why you inject this script and how this script is supposed to be invoked.
Since it appears you seemingly handle the OAuth cycle fully yourself, I cannot see how our code interferes or caused a change.
If you have not used Application.OnOAuthCallBack or Application.OnOAuthToken , our code should not interfere.

I did not include the code for HandleAccessToken because it is not being called.

How is Application.OnOAuthCallBack/OnOAuthToken meant to be used as it is not detailed in the documentation?

Application.OnOAuthCallBack/OnOAuthToken are event handlers triggered when the page is requested with a request parameter oauthcallback or code.

Is it possible for you to provide an example?

  1. Such examples require a service to authenticate against and a callback URL setup for the particular demo
  2. The Google Calendar & myCloudData demos are two demos that show OAuth authenticated REST API access
  3. Beyond this, time will need to be allocated in the team to work on more samples

I understand that but I am stuck. I have tried:

procedure TMainForm.OAuthCallback(Sender:TObject;AQuery:String);
begin
ShowMessage(AQuery);
end;

Application.OnOAuthCallBack:=OAuthCallback;

But it does not get called. Am I missing a step?