Using Code/Token Path for SSO in Windows Form Application

  • 2
  • Question
  • Updated 12 months ago
I have written a Windows Forms app in C#, and everything works great in the sandbox.  However after talking to RingCentral about SSO we apparently cannot just use the Token path to authenticate.  Now that I am digging into the Code/Token path it seems this is only for Web Applications.

1. Has anybody used the Code/Token path in a windows form?  If so... how?

2. Any other ideas for SSO to work without using Code/Token path?
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
  • ANGRY

Posted 12 months ago

  • 2
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,828 Points 5k badge 2x thumb
For "Code/Token" are you talking about the Authorization Code flow ? https://devcommunity.ringcentral.com/ringcentraldev/topics/using-oauth-2-0-authorization-code-grant-...

For Windows form, you can embed a web browser widget and let user do authorization there. You can set redirectUri to localhost or whatever uri. Because you can access the address of the web browser widget to get the auth code no matter what is the redirectUri.
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
Tyler yes thats the code flow.  Its been about 20+ years since I did any Windows Forms stuff... so I really appreciate the information.
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
Tyler, can I use the RingCentral Nuget Package to do Code flow?  I didnt see a way to do it.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,828 Points 5k badge 2x thumb
Yes, here is sample code: https://github.com/ringcentral/ringcentral-demos-oauth/tree/master/csharp-nancy/csharp-client-nancy

Note: the sample code is using Nancy as local http sever to interpret the redirect uri. You don't need a local http server because you can access the web browser widget's address bar to get the redirect url directly.
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
I dont suppose you have the config.json?? its not in the github
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
Tyler, I found one for the SDK.. not the Client... are they the same?
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,828 Points 5k badge 2x thumb
You should use this one https://github.com/ringcentral/ringcentral-csharp-client. Others are either deprecated or unofficial.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,828 Points 5k badge 2x thumb
The demo code is this folder: https://github.com/ringcentral/ringcentral-demos-oauth/tree/master/csharp-nancy/csharp-client-nancy

I don't think you can use it directly because the env is quite different. (website vs winform). For the config.json, it's just a json file with credentials. The fields can be found here: https://github.com/ringcentral/ringcentral-demos-oauth/blob/master/csharp-nancy/csharp-client-nancy/...

I recommend you to take a look at: https://github.com/tylerlong/ringcentral-python#authorization-code-flow-3-legged-authorization-flow It describes the four steps of the oauth flow. It's in Python but the the flow is the same for C#.

If you cannot make it work. Please provide detailed error message or where you are stuck. I will be happy to help.
(Edited)
Photo of Corey Tenney

Corey Tenney

  • 302 Points 250 badge 2x thumb
Tyler, so I have a webbrowser control, I got it to go out and able to login... however the login wants to come back to the redirectUri, which unless we setup a whole website just to get this back..... I really dont see a way within the webbrowser control to handle the return.
Photo of Tyler Long

Tyler Long, Official Rep

  • 9,828 Points 5k badge 2x thumb
Corey, I don't remember the details. But you are the creator of the webbrowser control so you can access all of it properties including its URL.

Check this: https://stackoverflow.com/questions/4913243/c-sharp-when-can-i-know-that-webbrowser-controller-url-c...  And this https://stackoverflow.com/questions/9924382/how-to-get-the-url-of-a-webbrowser-control

You don't need to setup a whole website because the redirect uri is not important. You can set it to http://does-not-exist.com/oauth  and you just monitor the webbrowser url change. Whenever it changes to something like  http://does-not-exist.com/oauth?code=xxxxx   Then you can get the code.