Stuart Clennett 15 Posted April 11, 2019 Hi, I'm trying to save a JWT token to a file between program runs. I have a console app that runs on a short schedule and I want to prevent having to authenticate each time. I am using MarsClientToken SaveToStream / LoadFromStream to get the json token data into and out of a temp file. The contents of the temp file look fine & contain the json I would expect, i.e. the "Token" and each token property (the expired date is always +24hrs ) When the token data is loaded from the file, IsVerified = True, isExpired = false, and Authenticated = True, but I am getting 403 forbidden when I make my api calls. Logging in with username/password works fine of course. Is there something I am missing ? Thanks Share this post Link to post
Andrea Magni 75 Posted April 11, 2019 Hi, hard to say without looking at the code but I guess it is because of the TMARSClient.AuthEndorsement value. By default MARS uses cookies to endorse the token in the requests. But if you are loading the token from file, it is quite probable the client does not have the cookie set. MARS actually supports two ways to endorse the token in the request: cookie and the Authorization header. If you set the client AuthEndorsement property to AuthorizationBearer, does it works? I've built a simple example (server and client) as an example: https://www.dropbox.com/s/zu0ovdhj1g88md9/MyConsole.zip?dl=0 Just run the MyConsoleServerApplication and then the MyConsole. Let me know if everything is fine. Sincerely, Andrea Share this post Link to post
Stuart Clennett 15 Posted April 11, 2019 HI Andrea, Yes, that was it, I had AuthEndorsement set to cookie. So sorry, I thought I had checked that but clearly not. Kind regards Share this post Link to post
Andrea Magni 75 Posted April 12, 2019 6 hours ago, Stuart Clennett said: HI Andrea, Yes, that was it, I had AuthEndorsement set to cookie. So sorry, I thought I had checked that but clearly not. No problem at all! I am investigating if it would be possible to force cookies of the client when loading the token from file/stream. IIRC it was not easy to do with one of the two http client libraries currently available (Indy and NetHttpClient). Sincerely, Andrea Share this post Link to post
Stuart Clennett 15 Posted April 12, 2019 Thanks Andrea. Good luck with that 😉 1 Share this post Link to post
![Delphi-PRAXiS [en]](https://en.delphipraxis.net/uploads/monthly_2018_12/logo.png.be76d93fcd709295cb24de51900e5888.png){kind=logo}
.thumb.png.1d73dcf647e02a433251e01e4a231b8e.png){kind=avatar}