Try out the new Jake: AI Coding Assistant for LabVIEW (beta)!
Get answers to questions about LabVIEW and discuss your code.

Oauth 2.0 by G Open Source Project for LabVIEW - Toolkit for LabVIEW Download

Open Authorization 2.0

Watch

730

Version	1.1.0.4
Released	May 01, 2022
Publisher	G Open Source Project for LabVIEW
License	BSD 0-Clause
LabVIEW Version	LabVIEW>=13.0
Operating System	Windows, Mac, and Linux
Dependencies	labview_open_source_lib_data_manipulation labview_open_source_lib_epoch_datetime labview_open_source_lib_serializer labview_open_source_lib_unicity labview_open_source_project_lib_connection labview_open_source_project_lib_openuri labview_open_source_project_lib_serializer_base64
Project links	Homepage

Description

Oauth 2.0 library for LabVIEW

Open Authorization 2.0 API (Oauth2)

This library contains the base class for Oauth2 authorization workflow.

Extensions currently provided with the framework:
- Oauth2.Github
- Oauth2.GitLab
- Oauth2.Slack
- Oauth2.LinkedIn
- Oauth2.Google
- Oauth2.Harvest
- Oauth2.Template (for extensions)

(suggestions for more integrations, and community contributions are welcome)

Online authoritative resources:
https://oauth.net/2
https://www.oauth.com/

Online blogs by LabVIEW developers:
- https://info.erdosmiller.com/blog/implementing-oauth2-authorization-in-labview
- https://stravaro.com/2020/01/oauth2-and-labview/

A few comments about the current state and evolution of the project:

- This Oath2 library does not support Implicit Grant Flow, as it will be deprecated in Oauth 2.1 due to security concerns.
- PKCE (Proof-Key Challenge Exchange) workflow is implemented and used by default. It is highly recommended not to deactivate it, as it will become a mandatory feature when Oauth2.1 becomes the norm.

- As of this release, the library currently supports only redirections on port 80 (http) but has been built in a way that future updates should be easy to change to port 443 through https connection. This is because the project is maintained in LV2013 and TLS support was added in LV2020. However, an OauthClient class has been created to act as an "interface" which should allow injection of a TLS-secured client in later versions of LabVIEW (distributed as an extension addon to this library)
- This library currently supports Authorization tokens, but not the ID Tokens for OpenID extension. It should be part of a future upgrade, once support for JWT (JSON Web Token) has been added to the library.

Release Notes

1.1.0.4 (May 01, 2022)

- Support for Harvest App integration (time tracking and invoicing)
- Added support for reverse proxy (when localhost is not supported by Oauth server)
- Added a hook to inject a TLS-supported connection through an override of the OauthClient client (allows extensions to inject a TLS-enabled connection)

francois-normandin was a contributor to this release

1.0.0.3 (Apr 05, 2021)

- Initial release of Open Authorization 2.0 API (Oauth2)

This release contains the base class for Oauth2 authorization workflow.

It also contains extensions for popular services such as Github, Gitlab, Google, LinkedIn and Slack.
A template class is provided to start new service extensions quickly to suit the developer's needs.
I'm know Azure and AWS should be in that list, but those mentioned above were prioritized for developer's own selfish reasons... Hopefully this is remedied quickly through community contributions.

By default, the Oauth2 library uses the PKCE (Proof-Key Challenge Exchange) workflow, which will become mandatory as of Oauth 2.1. PKCE can be deactivated with an API call before the Authorize method is called, but since it is a no-op on servers that do not support it, it is recommended that it stays activated for all authorization requests.

The Oauth2 library does not (and will not) support Implicit Grant Flow, as it will be deprecated in Oauth 2.1 due to security concerns.

A few comments about the current state and evolution of the project:
- The library currently supports only redirections on port 80 (http) but has been built in a way that future updates should be easy to change to port 443 through https connection. This is because the project is maintained in LV2013 and TLS support was added in LV2020. However, an OauthClient class has been created to act as an "interface" which should allow injection of a TLS-secured client in later versions of LabVIEW (distributed as an extension addon to this library)
- This library currently supports Authorization tokens, but not the ID Tokens for ConnectID extension. It is being planned as well, once support for JWT (JSON Web Token) has been added to the library.