Jump to content

omnibrain

Members
 View Profile  See their activity

  • Content Count

    122

  • Joined

  • Last visited

Posts posted by omnibrain

  2. Posted

    2 hours ago, Angus Robertson said:

    So effectively supporting a public ClientId requires the ClientSecret to be specified before GetToken, GrantAuthToken, etc?  Have you tried changing ClientSecret immediately before these methods?  I'm not doing any development for a few days, busy with something else.

    No, a public client doesn't have a ClientSecret. Only an ID and is created in Azure Entra ID (formerly know as Azure Active Directory) as Multiple organizations type

    image.thumb.png.ad132161d333b55ef78302efef9b5700.png

    Like I said, just commenting out the checks if there is a secret and submitting and setting an empty one seems to work. But I'm not deep enough in the component or the OAuth flow to know if something else breaks. It was too late to do further tests. I guess I will know next week.
    Take your time, but it would be nice, if you could take a look, when you are back at developing, so we don't have to patch ISC on our end.
    If we gather further information I will post here.

    • Like 1

  3. Posted

    25 minutes ago, Angus Robertson said:

    Sorry, no quick answer, a public client seems the opposite of the OAuth2 concepts.  My Azure credentials are currently expired or dead, so no recent testing, but I'll look into this next week.

    If you want to read more: https://learn.microsoft.com/en-us/entra/identity-platform/msal-client-applications

     

    But I think it should be enough to know that there are client types, that are only identified by ID but must not send a secret.
    The user of course still has to enter his credentials into the browser to authenticate, the client sends his ID, so the auth website can show "You are trying to give App XYZ access". Of course that's easy to impersonate, but that's what signed executables are for...
    It's all horribly complicated.

    • Like 1

  4. Posted

    We are currently redoing our mail module using ICS because Clever Internet Suite seems to be gone for good and The Office 365 sync components we used got bought out and rolled into a completely different solution.
    But because our software is a commercial business software that gets used by various end users I registered a "public client" (for "Multiple Organizations") for usage with the "Real O365 Mail for companies and schools", not personal accounts.

     

    But the ICS components need a Client_Secret (there are hardcoded checks) but if you send one, you won't get a token: 

    {"error":"invalid_client","error_description":"AADSTS700025: Client is public so neither 'client_assertion' nor 'client_secret' should be presented. Trace ID: 4b38379d-3e12-485c-aff2-e0f450495800 Correlation ID: ad9abfcf-dac7-461f-a58d-b73136e07ae2 Timestamp: 2025-03-27 20:24:31Z","error_codes":[700025],"timestamp":"2025-03-27 20:24:31Z","trace_id":"4b38379d-3e12-485c-aff2-e0f450495800","correlation_id":"ad9abfcf-dac7-461f-a58d-b73136e07ae2"}


    I patched out the check of 

    if (FClientId = '') or (FClientSecret = '') then begin

    it seems I got a valid token, but I'm not sure what else broke, because there definitely seems to be code that still attempts to send an empty client_secret with requests.

    • Like 1

  5. Posted

    2 hours ago, Rollo62 said:

    Are'nt these just several independent server layers between the client and the LLMs, to unify the LLM communications?

    That's exactly what it is for. Unified way of discovery and access.

     

    2 hours ago, Rollo62 said:

    Currently they talk only about Claude, it seems very Claude centric to me.

    Anthropic wrote the spec but others, like Cursor adapted it. It's becoming some sort of standard way of tool and content discovery and access.

     

    2 hours ago, Rollo62 said:

    Do these MCP servers have any REST API or whatsoever, maybe I have overseen this?

    It's a JSON RPC 2.0 API.

    2 hours ago, Rollo62 said:

    For the use of agents, wouldn't it make more or same sense to have these features built in the client SDK ( Delphi Code ) in the first place?

    Then your app would have local, full control over all LLM's and DB's.

    If I want to integrate an agent into my software, I could do that.

    But I want to implemented several things: a) a way for any Agent to interact with (aspects of) my software. b) a MCP Server for the DBMS we use so I can use the (meta) information during development using agents or Cursor.

    2 hours ago, Rollo62 said:

    I would start with unifying access to different LLMs by implementing a general Delphi Interface for several LLM implementations,
    to have a compatible interface between several LLM ( if that will be really possible ).

    This has nothing to do with MCPs, but most cloud systems use a REST API that's similar to OpenAI's. So no need for that.

    To use local LLMs there are a few competing approaches possible, but you can leave the heavy lifting to libraries like llama.cpp or even use something like ollama and just use this API.

  9. Posted

    3 hours ago, FPiette said:

    You are not using a debug version of the application because there is missing details in the stack trace. Make sure you rebuild all, including the components.the debugger should show the excat line where the exception occurs.

    The line is already mentioned in the exception message in my first post. But next time I will pay special attention to this detail. 

    3 hours ago, Angus Robertson said:

    Bug now fixed, it was a late change in V9.,4 flushing the log file to disk in case the request failed, but not actually checking the log was opened.

    So it was exactly what I hoped for. 😉

  10. Posted

    39 minutes ago, Angus Robertson said:

    How do you propose I reproduce that problem?  It is most likely something specific to your installation.  

    I hoped it's just something like "Oh, I tried it and it happens on my end too, seems I overlooked xyz". There is nothing special, I think. 

     

    40 minutes ago, Angus Robertson said:

    Edit; thinking back, it might be first time issue saving INI settings or something, Is it repeatable?

    It happens very time.

    Quote

    OverbyteIcsSslUtils.TIcsBuffLogStream.FlushFile(False)
    OverbyteIcsHttpRestTst1.THttpRestForm.doStartReqClick(???)
    :0054d7a1 TControl.Click + $79
    :005523f2 TWinControl.WndProc + $66A
    :00575709 TButtonControl.WndProc + $71
    :0055254c DoControlMsg + $28
    :005523f2 TWinControl.WndProc + $66A
    :005518fb TWinControl.MainWndProc + $2F
    :004c82e2 StdWndProc + $16
    :75cf7943 ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce601d ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce717c ; C:\WINDOWS\SysWOW64\USER32.dll
    :75cfe358 ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce57e6 USER32.SendMessageW + 0x46
    :720845d7 ; C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3037_none_85b65d03f7afec7e\COMCTL32.dll
    :720995c4 ; C:\WINDOWS\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.26100.3037_none_85b65d03f7afec7e\COMCTL32.dll
    :75cf7943 ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce601d ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce578a ; C:\WINDOWS\SysWOW64\USER32.dll
    :005524fa TWinControl.DefaultHandler + $E6
    :005523f2 TWinControl.WndProc + $66A
    :00575709 TButtonControl.WndProc + $71
    :004c82e2 StdWndProc + $16
    :75cf7943 ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce601d ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce54aa ; C:\WINDOWS\SysWOW64\USER32.dll
    :75ce5010 USER32.DispatchMessageW + 0x10 

    function TIcsBuffLogStream.FlushFile(OldFName: Boolean = False): Integer;
var
    HdrLine: String;
    Utf8Line: RawByteString;
    LineLen: Integer;
    LogHandle, Attempts: Integer;
    TickCount: Int64;    { V8.71 }
    Bom : TBytes;
begin
    Result := 0 ;
    FIdleTimer.Enabled := false;

     

  11. Posted

    To be able to debug a problem where one of my users can't reach some URLs (get's 404 despite beeing able to access the URLs in the browser on the same machine) I tried to compile OverbyteIcsHttpRestTst.dproj for him to see if the same error happens with this "reference implementation".

     

    But when I click "Start REST Request" I always get the same Access Violation:

    Quote

    ThreadId=9672
    ProcessId=6
    ThreadName=""
    ExceptionMessage="Access violation at address 0000000000866164. Read of address 00000000000000E8"
    ExceptionName="EAccessViolation"
    ExceptionDisplayName="$C0000005"
    ExceptionAddress=00866164
    FileName="C:\lisa\bib\ics\Source\OverbyteIcsSslUtils.pas"
    LineNumber=1145

    It doesn't matter if Release or Debug Build or 32 or 64 Bit. It just never works.

     

    Quote

    INI File: C:\Users\apfau.lisa\AppData\Local\ICS\OverbyteIcsHttpRestTst.ini
    SSL/TLS DLLs OpenSSL 3.4.1 11 Feb 2025 from C:\ProgramData\ICS-OpenSSL\libssl-3.dll, Legacy Provider Not Loaded
    283 CA root certificates loaded from internal bundle: RootCaCertsBundle + ICS + Extra
    Built With Delphi 11.2 Win32
    13:22:18 25.02.2025 13:22:18 Starting REST request for URL: https://jsonplaceholder.typicode.com/users

     

    I use Delphi 11.2 if that matters.

  13. Posted

    I make heavy use of 'TSslHttpRest' for all kinds of requests, but with the recent update to ICS 9.4 (I skipped 9.3) some requests to plain text endpoints fail. I get 200 OK, but the responseraw is empty.

    I think the culprit is this: 

    { V9.3 is a MIME type texual or printable text }
function IcsMimeIsTextual(const MimeType: String): Boolean;
begin
    Result := (Pos ('text/', MimeType) = 1) or (Pos ('json', MimeType) > 0)  or
               (Pos ('javascript', MimeType) > 0) or (Pos ('xml', MimeType) > 0);
end;

    I have to request some servers that answer with content-type 'text' instead of 'text/plain', so this function doesn't work for me.

    I'm not sure if you consider this a bug, because I think just 'text' is no "official" mime-type, but on the other hand, I have no control over the servers I have to query, so I would appreciate if there was a solution besides me manually patching the ICS code. 

  14. Posted · Edited by omnibrain

    2 hours ago, Angus Robertson said:

    Do you mean you are using Caddy or nginx as a proxy in front of non-SSL ICS servers?

    Yes. It's not only reverse-proxing ICS based servers/APIs, but also other processes and serving static files. Everything in one place. I can imagine others working like this as well. In my case Caddy handles the certificates (via ZeroSSL) automagically.

  15. Posted

    On 2/18/2025 at 1:41 PM, Angus Robertson said:

    Not sure how many ICS users actually make use of Let's Encrypt certificates, I never hear about bugs or problems, so perhaps they just work, or ICS users are still paying for commercial certificates?

    I'm having Caddy in front of everything. Our customers either use Caddy or nginx.

  16. Posted

    On 11/3/2024 at 11:28 AM, delphidelphi said:

    What are nowadays best internet components (stable and reliable) http, POST, GET, PUT, PATCH etc (REST Delphi built-in not an option)

    I use ICS for most stuff. The little complaints I have usually get addressed fast.

  18. Posted

    I still enjoying trying out the components and have some first ideas but not enough time.

    But I have a few questions: 

    • The Demos seem to be a bit messed up pathwise. Difficult to describe, I think it's best if you do a clean install and open a Demo in Delphi yourself and then start it from within Delphi.
    • You have SaveSVG and ExportDoc procedures. Both save to files. Is there a reason there is no option to save to a stream to continue processing the generated label directly in a program? Or am I overlooking something?
    • I managed to hide almost all control elements of the editor component. But not the scrollbars. Am I overlooking something?
    • I see that you can use a CSV file or JSON as Data Source. But is it also possible to use a TDataSet?

     

  23. Posted

    In the end each tool has their uses. 2 years ago I had to quickly add a customer portal to our software. A customer of one of our customers wanted to be able to access protocols and reports. Giving them direct access was no option. So I set up a DB server, built a custom periodic data export, and used a no/low code tool named Budibase to build a web frontend. Because I have total control over the data I export I could work around limitations regarding data representation by simply adjusting my export logic.

  24. Posted · Edited by omnibrain

    Interesting, never heard of it before. It looks like it is more in the direction of WEB framework & components for Delphi & Visual Studio Code | TMS Software than FMSoft uniGUI Web Application Framework 

     

    There are of course also Elevate Software, Inc. Quartex Pascal – Research and development for the next generation object pascal (quartexdeveloper.com) and Smart Mobile Studio | About | Smart Mobile StudioAbout - Smart Mobile Studio but they are not 100% Delphi but rather Object Pascal and Delphi inspired.

     

    Perhaps a user of some of them can chime in.

×