After discussing Security and OAuth workflows for a desktop hybrid app, it's time for a sample.
This sample uses MongoDB to store user information. Why? No particular reason, it can actually be any kind of database (relational or not), so I used this due my previous experience with mLab easy setup. The image shows the overall architecture. You can see it working.
About the code
The full source code is available at Autodesk Forge Github, but let me point out a few interesting points:
- The desktop app uses a CEFSharp browser for OAuth and to show models on Viewer. Check the FrameLoadEnd event handler, that's where it tracks the callback from the server with the session ID (i.e. the database registry unique ID that stores the Forge Access and Refresh Token). You can see the OAuth starting at /cloud/OAuth/default.aspx, then the callback handled at /Controllers/OAuthController.cs
- On every request, the database class check the access token expiration time and, if needed, refresh, see more here
- Viewer authentication is done via Proxy, see code here and another article describing it
- NuGet package is used ONLY on the cloud module, intentionally, as the desktop modules does not "know" Forge
Review the sample readme file for detailed instructions, but you'll need:
- Visual Studio, I'm using 2017 Community edition
- Forge account and one app (client ID and secret)
- mLab running instance
Next article I'll describe the deployment on AWS Elastic Beanstalk. Stay tuned.