Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Angus Robertson
    If you can privately email the 'public' ClientId for next week, that will save a lot of time setting up Azure, which is always a nightmare. Angus
  3. Today
  4. omnibrain
    No, a public client doesn't have a ClientSecret. Only an ID and is created in Azure Entra ID (formerly know as Azure Active Directory) as Multiple organizations type Like I said, just commenting out the checks if there is a secret and submitting and setting an empty one seems to work. But I'm not deep enough in the component or the OAuth flow to know if something else breaks. It was too late to do further tests. I guess I will know next week. Take your time, but it would be nice, if you could take a look, when you are back at developing, so we don't have to patch ISC on our end. If we gather further information I will post here.
  5. Rollo62
    Perhaps you don't have activated them in the project I try from time to time to cleanup all warnings, but with these "unsafe" checked I've got a huge list with myriads of warnings. Thats why I try to find a better design, how to remove them. Since I usually see warnings same as errors, I try to remove them all, but with these settings nearly every unit ( System units too ) produce massive warnings. All in all they were maybe not so critical, or came from a different ARC-era, but still they point towards some possible flaws in code. I think its always worth to try to find better solutions.
  6. Angus Robertson
    So effectively supporting a public ClientId requires the ClientSecret to be specified before GetToken, GrantAuthToken, etc? Have you tried changing ClientSecret immediately before these methods? I'm not doing any development for a few days, busy with something else. Angus
  7. omnibrain
    If you want to read more: https://learn.microsoft.com/en-us/entra/identity-platform/msal-client-applications But I think it should be enough to know that there are client types, that are only identified by ID but must not send a secret. The user of course still has to enter his credentials into the browser to authenticate, the client sends his ID, so the auth website can show "You are trying to give App XYZ access". Of course that's easy to impersonate, but that's what signed executables are for... It's all horribly complicated.
  8. Vincent Gsell

    Job Bruxelles hybride

    Vincent Gsell replied to Piazza's topic in Job Opportunities / Coder for Hire

    @Patrick PREMARTIN parlons de manière chiffrées : Moins il y a de concurrence sur le job mieux c'est ! pas vrai ?! Surtout laissons le comme cela et ne le traduisons pas 😉
  9. Angus Robertson
    Sorry, no quick answer, a public client seems the opposite of the OAuth2 concepts. My Azure credentials are currently expired or dead, so no recent testing, but I'll look into this next week. Angus
  10. Hans♫
    It also depends on your need to access the hardware on the computer. If you need to access microphone, camera, harddrive, audio, USB devices, etc. you have much better control with an installed app. It is the case with both desktop and mobile devices. That's the reason we release our app on Windows, MacOS, Android and iOS.
  11. Yashu Yashu joined the community
  12. judypage
    On Windows, TWebBrowser shows a warning page, but on iOS and Android, it blocks the page completely due to strict SSL rules. Possible Fixes: For Android: Use a custom WebViewClient to ignore SSL errors. Modify AndroidManifest.xml to allow insecure connections (not recommended for production). For iOS: iOS doesn’t allow ignoring SSL errors in WebView. You may need to install the self-signed certificate on the device manually. Alternative: Use TNetHTTPClient instead of TWebBrowser, as it gives more control over SSL handling
  13. judypage judypage joined the community
  14. Der schöne Günther
    I don't get a warning for the above code at all 🤷‍♂️
  15. Lars Fosdal
    Considering every major ERP vendor is moving to cloud, I would say that the trend is "no". However, these are typically enterprise sized ERP systems. There may be a niche for small shop owner ERPs - but there are already tons of these out there, and even some of those are cloud based. As soon as you exceed a single user, you are in database territory, and when you talk mobile apps, you definitively are in web service country. I would suggest that you really research your intended target audience to see if there is a gap where a desktop app could fill a need. I would also suggest that you narrow down and "modularize" your functionality, because the concepts of ERP systems and their near relatives are REALLY far reaching. You may suddenly find yourself in Tax, CRM, HR & Salary, document management, EDI and WMS territory.
  16. Rollo62
    What I have found is that aside the usual [unsafe] there is a specific [Result: unsafe] attribute, which can be used before member functions, where I have assumed that this might suppress the warnings. https://docwiki.embarcadero.com/Libraries/Seattle/en/System.UnsafeAttributehttps://docwiki.embarcadero.com/Libraries/Seattle/en/System.UnsafeAttribute This should be applicable to functions as well, but it doesn't suppress these unsafe typecase warnings But it also says: There is also the unsafe method modifier, or maybe unsafe keyword how Marco called it, which can be added behind a function. This does more than just compiler magic, but it seems to modify reference counting. So this is not what I'm looking for, but mybe with Recors it does this job? Is the [Result: unsafe] attribute maybe a leftover from the mobile ARC stuff and nowadays has no meaning? I'm unsure what this really should do, except suppress warnings. There was an old whiteparer "The Delphi Language for Mobile Development" from 2013, which seems not available any more. What I'm looking for is a selective way to suppress the warnings a Record level, to tell the compiler that I take the responsibility.
  17. Dave Nottage

    Job Bruxelles hybride

    Dave Nottage replied to Piazza's topic in Job Opportunities / Coder for Hire

    Même chose 😄
  18. Patrick PREMARTIN

    Job Bruxelles hybride

    Patrick PREMARTIN replied to Piazza's topic in Job Opportunities / Coder for Hire

    It's not encrypted. It's in French. 😉 (I can show the PDF with macOS viewer, you should be able to read it)
  19. Tommi Prami

    OtlParallel Memory Leak

    Tommi Prami replied to Celebr0's topic in OmniThreadLibrary

    I bet you did not fix the actual problem here. -Tee-
  20. Darian Miller
    I believe many people prefer native desktop applications to the typical bloat of a web application. There are some exceptions, and I am an older guy with heavy bias, but I would pay double for a native desktop application over a browser based application for just about anything. If I wanted to use it on my phone, I'd take a scaled down version, targeted with features needed to be available on-the-go.
  21. Attila Kovacs

    Job Bruxelles hybride

    Attila Kovacs replied to Piazza's topic in Job Opportunities / Coder for Hire

    It’s definitely encrypted, I can’t read it either.
  22. Anders Melander

    Job Bruxelles hybride

    Anders Melander replied to Piazza's topic in Job Opportunities / Coder for Hire

    What can I say? Whoosh?
  23. gkobler

    wuppdi Welcome Page for Delphi 11 Alexandria?

    gkobler replied to PeterPanettone's topic in Delphi IDE and APIs

    Version 1.1.1.B33 is ready for D11 and D12 (32 + 64 Bit)
  24. Yesterday
  25. Carlos Miller Goncalves de
    The APK I am finalizing and currently testing is designed to collect events entered by the user. In many cases, it serves as a delivery APK. All operations are conducted on the local database of the device, as internet access is not available everywhere, which means it functions primarily offline. The issue is that, to prevent the user from having to sync manually, it would require some feature to enable automatic synchronization.
  26. David Heffernan

    Job Bruxelles hybride

    David Heffernan replied to Piazza's topic in Job Opportunities / Coder for Hire

    No salary, and talk of XE12 a version that does not exist.
  27. omnibrain
    We are currently redoing our mail module using ICS because Clever Internet Suite seems to be gone for good and The Office 365 sync components we used got bought out and rolled into a completely different solution. But because our software is a commercial business software that gets used by various end users I registered a "public client" (for "Multiple Organizations") for usage with the "Real O365 Mail for companies and schools", not personal accounts. But the ICS components need a Client_Secret (there are hardcoded checks) but if you send one, you won't get a token: {"error":"invalid_client","error_description":"AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented. Trace ID: 4b38379d-3e12-485c-aff2-e0f450495800 Correlation ID: ad9abfcf-dac7-461f-a58d-b73136e07ae2 Timestamp: 2025-03-27 20:24:31Z","error_codes":[700025],"timestamp":"2025-03-27 20:24:31Z","trace_id":"4b38379d-3e12-485c-aff2-e0f450495800","correlation_id":"ad9abfcf-dac7-461f-a58d-b73136e07ae2"} I patched out the check of if (FClientId = '') or (FClientSecret = '') then begin it seems I got a valid token, but I'm not sure what else broke, because there definitely seems to be code that still attempts to send an empty client_secret with requests.
  28. Stéphane Wierzbicki

    Job Bruxelles hybride

    Stéphane Wierzbicki replied to Piazza's topic in Job Opportunities / Coder for Hire

    FWIW I was able to read your PDF.
  29. Piazza

    Job Bruxelles hybride

    Piazza replied to Piazza's topic in Job Opportunities / Coder for Hire

    Are you sure ? Another participant just read the offer and contacted me.
  30. Anders Melander

    Job Bruxelles hybride

    Anders Melander replied to Piazza's topic in Job Opportunities / Coder for Hire

    The pdf appears to be 🐸-encrypted 😉
  1. Load more activity
×