Jump to content

Fredrik Larsson

Members
  • Content Count

    7
  • Joined

  • Last visited

Everything posted by Fredrik Larsson

  1. Hi, I am using TRestOAuth and I am having problems with token. The first part is getting an accountcode and that works fine. But then the token couldn't be fetched. The server implements a need for basic authentication with clientid:clientsecret to be able to retrieve the token. I guess this is not standard? Currently I fetch the token manually on the NewCode event and using a httprest component. This of course gives the web page that the account code fetching failed. So any ideas on how to best implement the basic authentication within TRestOAuth? Regards, Fredrik
  2. Fredrik Larsson

    TRestOAuth and token under basic authentication

    That would be perfect. Thanks!
  3. Fredrik Larsson

    TRestOAuth and token under basic authentication

    They use authorization_code They use clientid+clientsecret with basic authentication. At first I thought it was a bit obscure but I read the following from oauth: https://www.oauth.com/oauth2-servers/access-tokens/authorization-code-request/ If the client is authenticating via HTTP Basic Auth or some other method, then this parameter is not required. Otherwise, this parameter is required. If the client was issued a client secret, then the server must authenticate the client. One way to authenticate the client is to accept another parameter in this request, client_secret. Alternately the authorization server can use HTTP Basic Auth. Technically the spec allows the authorization server to support any form of client authentication, and mentions public/private key pair as an option. In practice, most consumer servers support the simpler methods of authenticating clients using either or both of the methods mentioned here. For more advanced methods of authenticating the client, refer to RFC 7523 which defines a method of using a signed JWT as client authentication. As I understand it, basically a variety of client authentication methods can be used. So perhaps either publishing those properties or have an event where they can be overidden? It's a bit hard to provide an endpoint for them, since it's a swedish ledger/accounting system and only documentation in Swedish. /Fredrik
  4. I have an OAuth2 where the callback needs to make a callback to https://localhost:44300 with a signed certificate. Optimal I would use RestOAuth but that doesn't support SSL callbacks so I need to tweak that a bit and use my own server for the SSL part. But I can't really figure out how to use TSimpleWebSrv fully in SSL mode. I get that I can listen to WebSrvPortSSL and that works but then what certificate to use? It's these properties I get: SimpleWebSrv1.WebSrvCertPassword := 'password'; SimpleWebSrv1.WebSrvCertBundle := 'whattouse.pem'; Is there a simple way to create a self signed localhost certificate? How would I use it? I can't really figure it out from demos either. Any input is appreciated. Regards, Fredrik
  5. Fredrik Larsson

    Use TSimpleWebSrv for localhost with certificate

    Hi, When I signed up it said: Redirect URI: https://localhost:44300/callback The redirect URI given above is only a temporary placeholder. Please contact us to register a redirect URI that is appropriate for your solution. Please keep in mind that we only support HTTPS protocol when you set up a redirect URI. But I will write them an e-mail about desktop solutions. Regards, Fredrik.
  6. Fredrik Larsson

    Use TSimpleWebSrv for localhost with certificate

    Cool! I will look into that code and try it. Seems to make sense and fairly straight forward. It's Visma which is a Swedish/Nordic accounting solution provider. I agree it's a bit over the top and I don't know why they have that requirement. Perhaps they are mostly considering online web applications. For anyone else who needs it, this seems to work: SimpleWebSrv1.WebSrvCertPassword := ''; SimpleWebSrv1.WebSrvCertBundle := ''; lAppDir := ExtractFileDir(ParamStr(0)); Log('Appdir=' + lAppDir); lCert := IncludeTrailingPathDelimiter(lAppDir) + 'cert-localhost.pem'; if NOT FileExists(lCert) then begin if NOT SslX509Certs1.CreateAcmeAlpnCert(lCert, 'localhost', '') then begin Log('Failed to Create LocalHost Certificate: ' + lCert); Exit; end; end; SimpleWebSrv1.WebSrvCertBundle := lCert; if not SimpleWebSrv1.StartSrv then Log('Server not started)') else Log('Server started');
  7. Investigate the old D5 sample code for ICS. Alternatively you can use latest Delphi to build a dll which you can call from your legacy D5 application. That's how I did for one project.
×