How do I implement "Authorization: Bearer <Token>" in a Delphi REST Server?
I have a working REST server (Sydney) that uses a custom header (AuthToken: 'Token') to authorize users.
When I try to use "Authorization: Bearer 'Token'" as a header in a POST request, I get an exception in my rest server as below. 
It looks like I have to assign a procedure to a TIdHTTPParseAuthenticationEvent, but I cannot find out where to do that.
When you create a Datasnap REST server project, it creates a default TIdHTTPWebBrokerBridge object for you, which is a TIdCustomHTTPServer descendant. You can assign a handler to its OnParseAuthentication event in code (since it is not a visual component on the Form), eg:
procedure TForm1.FormCreate(Sender: TObject);
begin
FServer := TIdHTTPWebBrokerBridge.Create(Self);
FServer.OnParseAuthentication := ParseAuthentication; // <-- here
end;
procedure TForm1.ParseAuthentication(AContext: TIdContext;
const AAuthType, AAuthData: String;
var VUsername, VPassword: String;
var VHandled: Boolean);
begin
if TextIsSame(AAuthType, 'Bearer') then begin
// process AAuthData and assign VUsername and VPassword as needed...
VHandled := True;
end;
end;
UPDATE: starting in Indy v10.6.3.3, the TIdCustomHTTPServer.DoParseAuthentication() method is now virtual, so you can alternatively derive a new class from TIdHTTPWebBrokerBridge and override it, eg:
type
TMyHTTPWebBrokerBridge = class(TIdHTTPWebBrokerBridge)
protected
function DoParseAuthentication(ASender: TIdContext;
const AAuthType, AAuthData: String;
var VUsername, VPassword: String): Boolean; override;
end;
procedure TForm1.FormCreate(Sender: TObject);
begin
//FServer := TIdHTTPWebBrokerBridge.Create(Self);
FServer := TMyHTTPWebBrokerBridge.Create(Self);
end;
function TMyHTTPWebBrokerBridge.DoParseAuthentication(ASender: TIdContext;
const AAuthType, AAuthData: String;
var VUsername, VPassword: String): Boolean;
begin
if TextIsSame(AAuthType, 'Bearer') then begin
// process AAuthData and assign VUsername and VPassword as needed...
Result := True;
end else
Result := inherited DoParseAuthentication(ASender, AAuthType, AAuthData, VUsername, VPassword);
end;
- error in rendering a RESTful comments in ejs
- How to get body of a POST in php?
- Get aws bucket content listing using Postman - "Get Bucket (Version 2)" RestAPI
- How to update custom field in JIRA via REST API?
- Symfony post request body parameters?
- How to make Amazon AWS API call from Java?
- Keycloak. Could not find client when trying to create a client-level role
- HTTP PATCH method. Content in the request body
- How can I ensure a domain name isn't already taken before creating Azure B2C tenant?
- Swagger integration into Dropwizard
- Nexus REST API query artifacts within a group
- Unable to upload zip file through karate framework
- I need to generate QR code for some data, I don't want to use System.Drawing.Common . Any other suiatble way for generating QR code using C#
- Spring RestTemplate timeout
- REST 404 vs 400. Which one to use?
- Get build details for all builds of all jobs from Jenkins REST API
- Documenting a Spring HATEOAS API
- Good tools for writing rest api technical especification
- raml 1.0 response types
- How to create example of arrays in RAML v1.0
- Creating html doc from postman collection
- Ceridian Dayforce HRIS API location
- Access to Shopware API from CLI command without Client Credentials
- Customize laravel sanctum unauthorize response
- Spring Boot: Cannot access REST Controller on localhost (404)
- api platform - Unable to generate an IRI for the item
- Couldn't parse share document: error in LinkedIn REST API share
- Documenting APIs - /me endpoints
- Secrets and Certificate Expiry with Graph Powershell
- C#, RestSharp, Type or Namespace name "HttpBasicAuthenticator" could not be found