The develop branch of the Daraja HTTP Framework contains a new tutorial which contains the full source code for a web server application which implements OAuth 2.0 authorization to access Google APIs. The example calls the Google Drive API to display the result of a ‘files’ request, which contains the files on the My Drive page of the user account in JSON format.


  • Google account – with access to the developer console
  • a Google API project with an OAuth 2.0 client ID and the authorised redirect URI http://localhost/oauth2callback
  • the client_secret.json file with the project configuration – this file must be saved in the tutorial8 folder
  • OpenSSL DLLs – 32 or 64 bit depending on your target
  • Lazarus 2.0 or Delphi 2009+ IDE
  • for Delphi, the SuperObject JSON parser library is required

What it does

  1. the program loads the configuration from client_secret.json and starts the local web server on localhost
  2. the program launches your web browser and navigates to the start page http://localhost/
  3. the start page redirects to the Google server and asks to log in and give permission to access the Google Drive API
  4. after the user signed in, the code sends a request to the Google Drive API and displays the result


Drive API response

The Google Drive API server response is shown below:

 "kind": "drive#fileList",
 "etag": "\"nXSjiG018zLTxfo-c5q0BWoTPz8/NS6IZ34tXCSkWGa3gedAvR0dcok\"",
 "selfLink": "",
 "nextPageToken": "~!!~AI9FV7Syo7vCeDrvDNfNUYuVuiX8usRekeUGHhzvyx8Qv3bQAko75vqOY8YcXvs1EW_u_BLtMO-s85rDajdFDKbGMrNJMEjqSPooycUBEECRvcS18istQ6xEHQnQaylfLD-k09uLBLJPtyBpDt3mCwQjzxcDinBWIe39Oy1BXDXpZSUK2ajU2nvETYJWEf1pJyD4qlbDe6r7x7hzEy-RUWD1gbnxS4bWtlelWEU9jcx100ytR1tWa-NHpwPpvASEb5qyscZ3s-xE4-CpNamfN1OAH0stbeUi3J--BfaREKI-ERYvbuyq3Cb3OPyuA_jeRHgTExq2as-GZ3adV1hmed5REWjK6dpeQXXOPFO4vbR8DQnmsszu9R_ZtUgRH2LTWnd7nr6HSXxj",
 "nextLink": "!!~AI9FV7Syo7vCeDrvDNfNUYuVuiX8usRekeUGHhzvyx8Qv3bQAko75vqOY8YcXvs1EW_u_BLtMO-s85rDajdFDKbGMrNJMEjqSPooycUBEECRvcS18istQ6xEHQnQaylfLD-k09uLBLJPtyBpDt3mCwQjzxcDinBWIe39Oy1BXDXpZSUK2ajU2nvETYJWEf1pJyD4qlbDe6r7x7hzEy-RUWD1gbnxS4bWtlelWEU9jcx100ytR1tWa-NHpwPpvASEb5qyscZ3s-xE4-CpNamfN1OAH0stbeUi3J--BfaREKI-ERYvbuyq3Cb3OPyuA_jeRHgTExq2as-GZ3adV1hmed5REWjK6dpeQXXOPFO4vbR8DQnmsszu9R_ZtUgRH2LTWnd7nr6HSXxj",
 "incompleteSearch": false,
 "items": [
   "kind": "drive#file",
   "id": "17Llqfqu6LTsRg2ZSA6o75IREsrmktJYr",
   "etag": "\"nXSjiG018zLTxfo-c5q0BWoTPz8/MTU1MTQzNDE4ODk4OA\"",
   "selfLink": "",
   "webContentLink": "",
   "alternateLink": "",
   "embedLink": "",
   "iconLink": "",
   "title": "Formes.txt",
   "mimeType": "text/plain",
   "labels": {
    "starred": false,
    "hidden": false,
    "trashed": false,
    "restricted": false,
    "viewed": true

(parsing the JSON response and conversion to HTML is left as an exercise to the reader)

Code of the HTTP GET handler

The handler of main page at http://localhost/ is shown below. In line 17, a TidHTTP instance is created to invoke the Drive API.

procedure TPublicResource.OnGet(Request: TdjRequest; Response: TdjResponse);
  Credentials: TCredentials;
  if Request.Session.Content.Values['credentials'] = '' then begin
  end else begin
    Credentials := ToCredentials(Request.Session.Content.Values['credentials']);
    if Credentials.expires_in <= 0 then begin
    end else begin
      IdHTTP := TIdHTTP.Create;
        IdHTTP.Request.CustomHeaders.Values['Authorization'] :=
          'Bearer ' + Credentials.access_token;
        Response.ContentText := IdHTTP.Get('');
        Response.ContentType := 'text/plain';
        Response.CharSet := 'utf-8';

Security note

After testing, you should revoke the account access of your test application. To do so, visit where all third-party apps with account access are listed.


About Daraja HTTP Framework


The Daraja HTTP Framework is a free open source library for Object Pascal (Free Pascal 3.0.4, Delphi 2009+), based on the stand-alone HTTP server component in Internet Direct (Indy).

Project GitHub page:




Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s