Class Reference
IRIS for UNIX 2019.4
InterSystems: The power behind what matters   
Documentation  Search
  [ENSLIB] >  [%OAuth2] >  [Login]
Private  Storage   

class %OAuth2.Login extends %CSP.Login

%OAuth2.Login is the base class for login pages which use OAuth 2.o or OpenID Connect. The usual login class will only override the APPLICATION and SCOPE parameters.
Additional customization may be done by overriding the RESPONSEMODE parameter and DefineProperties method.
The login page will directly login the session using delegated authentication. See loginZAUTHENTICATE.mac in the SAMPLES namespace for an exaample ZAUTHENTICATE routine.


Parameters Properties Methods Queries Indices ForeignKeys Triggers
4 4


%ClassIsLatestVersion %ClassName %Close %DispatchClassMethod
%DispatchGetModified %DispatchGetProperty %DispatchMethod %DispatchSetModified
%DispatchSetMultidimProperty %DispatchSetProperty %Extends %GetParameter
%IncrementCount %IsA %New %OriginalNamespace
%PackageName %SetModified ConvertParameter Decrypt
DefineParameters DefineProperties DrawCSS3STYLE DrawHEAD
DrawSTHEAD DrawSTTitle DrawSTYLE DrawTitle
DrawTitleSection Encrypt EncryptBroker EscapeHTML
EscapeURL HyperEventBody HyperEventCall HyperEventFrame
HyperEventHead Include InsertHiddenField InsertHiddenFields
IsPrivate Link OnErrorSetup OnHTTPHeader
OnHandleCorsRequest OnHandleOptionsRequest OnLoginPage OnPage
OnPageError OnPostHTTP OnPostHyperEvent OnPreHTTP
OnPreHyperEvent OnSecurityTokenPage Page QuoteJS
RewriteURL ShowError StartTimer StopTimer
SupportedVerbs ThrowError UnescapeHTML UnescapeURL


• parameter APPLICATION;
The application name for the application being logged into.
The actual login page will need to override this parameter.
• parameter RESPONSEMODE;
The RESPONSEMODE parameter specifies the mode of the response as either query, fragment or form_post. The default is query.
• parameter SCOPE;
The blank separated scope list to be used for the access token request. The actual login page will need to override this parameter.
• parameter SessionQueryParameter = "CSPOAUTH2";
The name of the query parameter used to carry the access token hash.


• classmethod DefineParameters(Output application As %String, Output scope As %String, Output responseMode As %String)
Callback to allow the overriding login subclass to define the class parameter values at run-time
The default to use the class parameter values.
• classmethod DefineProperties(Output properties As %String)
Callback to allow the overriding login subclass to define the properties list for the GetAccessTokenAuthorizationCode call.
properties is a local array specifying additional properties to be included in a token request in the form properties(name)=value. To add a request parameter which is a JSON object, you may either create a properties element which is a %DynamicObject or is a string that is the UTF-8 encoded serialized object. For example the claims parameter that is defined by OpenID Connect. If the request or request_uri request parameters are to be used, then the %SYS.OAuth2.Request class is used to create the JWT. The the JWT is assigned to properties("request") or the URL for the JWT is assigned to properties("request_uri")
• classmethod OnPage() as %Status
Output the default login page as HTML
• classmethod OnPreHTTP() as %Boolean
Determine if we need login CSRF tokens and if so add them. If a login page subclass overrides this method it should call this implementation to ensure we set the login CSRF tokens if needed.

Copyright (c) 2019 by InterSystems Corporation. Cambridge, Massachusetts, U.S.A. All rights reserved. Confidential property of InterSystems Corporation.