diff --git a/CORE/Source/Basic/Mechanics/uRESTDWAuthenticators.pas b/CORE/Source/Basic/Mechanics/uRESTDWAuthenticators.pas index e8efad57..228e4d6f 100644 --- a/CORE/Source/Basic/Mechanics/uRESTDWAuthenticators.pas +++ b/CORE/Source/Basic/Mechanics/uRESTDWAuthenticators.pas @@ -29,23 +29,6 @@ interface uRESTDWTools, uRESTDWParams; type - TOnBasicAuth = Procedure(Welcomemsg, AccessTag, DataRoute, - Username, Password : String; - Var Params : TRESTDWParams; - Var ErrorCode : Integer; - Var ErrorMessage : String; - Var Accept : Boolean) Of Object; - TOnGetToken = Procedure(Welcomemsg, - AccessTag : String; - Params : TRESTDWParams; -// AuthOptions : TRESTDWAuthToken; - Var ErrorCode : Integer; - Var ErrorMessage : String; - Var TokenID : String; - Var Accept : Boolean) Of Object; - TOnRenewToken = Procedure() of Object; - - TRESTDWAuthenticatorBase = class(TRESTDWComponent) private FAuthDialog: Boolean; @@ -56,23 +39,38 @@ TRESTDWAuthenticatorBase = class(TRESTDWComponent) property AuthDialog: Boolean read FAuthDialog write FAuthDialog; end; - TRESTDWAuthBasic = class(TRESTDWAuthenticatorBase) + // Classe Especifica para Autenticacao pelo Server + TRESTDWServerAuthBase = class(TRESTDWAuthenticatorBase) + private + + public + function AuthValidate(ADataModuleRESTDW: TObject; + AUrlToExec, AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; var ADWParams: TRESTDWParams; + var AGetToken: Boolean; var ATokenValidate: Boolean; var AToken: String; + var AErrorCode: Integer; var AErrorMessage: String; var AAcceptAuth: Boolean): Boolean; virtual; abstract; + end; + + TRESTDWAuthBasic = class(TRESTDWServerAuthBase) private FPassword: String; FUserName: String; - FOnBasicAuth: TOnBasicAuth; + procedure PrepareBasicAuth(AAuthenticationString: String; var AAuthUsername, AAuthPassword: String); public - constructor Create(aOwner: TComponent); override; + constructor Create(AOwner: TComponent); override; destructor Destroy; override; - function ValidateAuth(aUserName, aPassword: string): boolean; + function AuthValidate(ADataModuleRESTDW: TObject; + AUrlToExec, AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; var ADWParams: TRESTDWParams; + var AGetToken: Boolean; var ATokenValidate: Boolean; var AToken: String; + var AErrorCode: Integer; var AErrorMessage: String; var AAcceptAuth: Boolean): Boolean; override; + function ValidateAuth(AUserName, APassword: string): boolean; published property UserName: String read FUserName write FUserName; property Password: String read FPassword write FPassword; - //eventos - property OnBasicAuth: TOnBasicAuth read FOnBasicAuth write FOnBasicAuth; end; - TRESTDWAuthToken = class(TRESTDWAuthenticatorBase) + TRESTDWAuthToken = class(TRESTDWServerAuthBase) private FBeginTime: TDateTime; FEndTime: TDateTime; @@ -89,13 +87,17 @@ TRESTDWAuthToken = class(TRESTDWAuthenticatorBase) FToken: String; FAutoGetToken: Boolean; FAutoRenewToken: Boolean; - FOnGetToken: TOnGetToken; - FOnRenewToken: TOnRenewToken; procedure ClearToken; procedure SetGetTokenEvent(AValue: String); procedure SetToken(AValue: String); function GetTokenType(AValue: String): TRESTDWTokenType; function GetCryptType(AValue: String): TRESTDWCryptType; + procedure GenerateToken(ADataModuleRESTDW: TObject; ARequestType: TRequestType; + AParams: TRESTDWParams; ARawHeaders: TStrings; + AWelcomeMessage, AAccessTag: String; + var ATokenValidate: Boolean; var AToken: String; + var AGetToken: Boolean; var AErrorCode: Integer; + var AErrorMessage: String; var AAcceptAuth: Boolean); public constructor Create(aOwner: TComponent); override; destructor Destroy; override; @@ -103,6 +105,11 @@ TRESTDWAuthToken = class(TRESTDWAuthenticatorBase) procedure FromToken(ATokenValue: String); function GetToken(ASecrets: String): String; function ValidateToken(AValue: String): Boolean; overload; + function AuthValidate(ADataModuleRESTDW: TObject; + AUrlToExec, AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; var ADWParams: TRESTDWParams; + var AGetToken: Boolean; var ATokenValidate: Boolean; var AToken: String; + var AErrorCode: Integer; var AErrorMessage: String; var AAcceptAuth: Boolean): Boolean; override; published property BeginTime: TDateTime read FBeginTime write FBeginTime; property EndTime: TDateTime read FEndTime write FEndTime; @@ -122,12 +129,9 @@ TRESTDWAuthToken = class(TRESTDWAuthenticatorBase) property Token: String read FToken write SetToken; property AutoGetToken: Boolean read FAutoGetToken write FAutoGetToken; property AutoRenewToken: Boolean read FAutoRenewToken write FAutoRenewToken; - // eventos - Property OnGetToken: TOnGetToken Read FOnGetToken Write FOnGetToken; - Property OnRenewToken: TOnRenewToken Read FOnRenewToken Write FOnRenewToken; end; - TRESTDWAuthOAuth = class(TRESTDWAuthenticatorBase) + TRESTDWAuthOAuth = class(TRESTDWServerAuthBase) private FTokenType: TRESTDWAuthOptionTypes; FAutoBuildHex: Boolean; @@ -141,6 +145,11 @@ TRESTDWAuthOAuth = class(TRESTDWAuthenticatorBase) FExpiresIn: TDateTime; public constructor Create(aOwner: TComponent); override; + function AuthValidate(ADataModuleRESTDW: TObject; + AUrlToExec, AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; var ADWParams: TRESTDWParams; + var AGetToken: Boolean; var ATokenValidate: Boolean; var AToken: String; + var AErrorCode: Integer; var AErrorMessage: String; var AAcceptAuth: Boolean): Boolean; override; published property TokenType: TRESTDWAuthOptionTypes read FTokenType write FTokenType; property AutoBuildHex: Boolean read FAutoBuildHex write FAutoBuildHex; @@ -154,10 +163,66 @@ TRESTDWAuthOAuth = class(TRESTDWAuthenticatorBase) property ExpiresIn: TDateTime read FExpiresIn; end; + TOnUserBasicAuth = Procedure(Welcomemsg, AccessTag, + Username, Password : String; + Var Params : TRESTDWParams; + Var ErrorCode : Integer; + Var ErrorMessage : String; + Var Accept : Boolean) Of Object; + + TOnGetToken = Procedure(Welcomemsg, + AccessTag : String; + Params : TRESTDWParams; + AuthOptions : TRESTDWAuthToken; + Var ErrorCode : Integer; + Var ErrorMessage : String; + Var TokenID : String; + Var Accept : Boolean) Of Object; + + TOnUserTokenAuth = Procedure(Welcomemsg, + AccessTag : String; + Params : TRESTDWParams; + AuthOptions : TRESTDWAuthToken; + Var ErrorCode : Integer; + Var ErrorMessage : String; + Var TokenID : String; + Var Accept : Boolean) Of Object; + + + + TOnRenewToken = Procedure() of Object; + + implementation +uses + uRESTDWDatamodule; + { TRESTDWAuthBasic } +function TRESTDWAuthBasic.AuthValidate(ADataModuleRESTDW: TObject; AUrlToExec, + AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; + var ADWParams: TRESTDWParams; var AGetToken, ATokenValidate: Boolean; + var AToken: String; var AErrorCode: Integer; var AErrorMessage: String; + var AAcceptAuth: Boolean): Boolean; +var + LAuthenticationString: String; +begin + LAuthenticationString := DecodeStrings(StringReplace(ARawHeaders.Values['Authorization'], 'Basic ', '', [rfReplaceAll]){$IFDEF RESTDWLAZARUS}, csUndefined{$ENDIF}); + + if (LAuthenticationString <> '') and ((AAuthUsername = '') and (AAuthPassword = '')) then + Self.PrepareBasicAuth(LAuthenticationString, AAuthUsername, AAuthPassword); + + if Assigned(TServerMethodDataModule(ADataModuleRESTDW).OnUserBasicAuth) then + TServerMethodDataModule(ADataModuleRESTDW).OnUserBasicAuth(AWelcomeMessage, AAccessTag, AAuthUsername, + AAuthPassword, ADWParams, AErrorCode, AErrorMessage, AAcceptAuth) + else + AAcceptAuth := Self.ValidateAuth(AAuthUsername, AAuthPassword); + + Result := AAcceptAuth; +end; + constructor TRESTDWAuthBasic.Create(aOwner: TComponent); begin inherited; @@ -171,6 +236,14 @@ destructor TRESTDWAuthBasic.Destroy; inherited; end; +procedure TRESTDWAuthBasic.PrepareBasicAuth(AAuthenticationString: String; + var AAuthUsername, AAuthPassword: String); +begin + AAuthUsername := Copy(AAuthenticationString, InitStrPos, Pos(':', AAuthenticationString) -1); + Delete(AAuthenticationString, InitStrPos, Pos(':', AAuthenticationString)); + AAuthPassword := AAuthenticationString; +end; + function TRESTDWAuthBasic.ValidateAuth(aUserName, aPassword: string): boolean; begin Result := (aUserName = UserName) and (aPassword = Password) @@ -196,6 +269,80 @@ procedure TRESTDWAuthToken.Assign(ASource: TPersistent); inherited Assign(ASource); end; +function TRESTDWAuthToken.AuthValidate(ADataModuleRESTDW: TObject; AUrlToExec, + AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; + var ADWParams: TRESTDWParams; var AGetToken, ATokenValidate: Boolean; + var AToken: String; var AErrorCode: Integer; var AErrorMessage: String; + var AAcceptAuth: Boolean): Boolean; +var + LUrlToken, LToken, LTokenOrig: String; + LAuthTokenParam: TRESTDWAuthToken; +begin + // Se for o Evento Get Token + LUrlToken := LowerCase(AUrlToExec); + + if Copy(LUrlToken, InitStrPos, 1) = '/' then + Delete(LUrlToken, InitStrPos, 1); + + if LUrlToken = LowerCase(Self.GetTokenEvent) then + begin + Self.GenerateToken(ADataModuleRESTDW, ARequestType, ADWParams, ARawHeaders, + AWelcomeMessage, AAccessTag, ATokenValidate, + AToken, AGetToken, AErrorCode, AErrorMessage, AAcceptAuth); + Exit; + end; + + // Se for Validar o Token + AErrorCode := 401; + AErrorMessage := cInvalidAuth; + ATokenValidate := True; + LTokenOrig := AToken; + + LAuthTokenParam := TRESTDWAuthToken.Create(self); + LAuthTokenParam.Assign(Self); + + if ADWParams.ItemsString[Self.Key] <> Nil then + AToken := ADWParams.ItemsString[Self.Key].AsString + else + begin + if Trim(AToken) = '' then + AToken := ARawHeaders.Values['Authorization']; + + if Trim(AToken) <> '' then + begin + LToken := GetTokenString(AToken); + + if LToken = '' then + LToken := GetBearerString(AToken); + + if LToken = '' then + LToken := LTokenOrig; + + AToken := LToken; + end; + end; + + if not LAuthTokenParam.ValidateToken(AToken) then + begin + AAcceptAuth := False; + Exit; + end + else + ATokenValidate := False; + + if Assigned(TServerMethodDatamodule(ADataModuleRESTDW).OnUserTokenAuth) then + begin + TServerMethodDatamodule(ADataModuleRESTDW).OnUserTokenAuth(AWelcomeMessage, AAccessTag, ADWParams, + TRESTDWAuthToken(LAuthTokenParam), + AErrorCode, AErrorMessage, AToken, AAcceptAuth); + + ATokenValidate := Not(AAcceptAuth); + end; + + Result := AAcceptAuth; +end; + procedure TRESTDWAuthToken.ClearToken; begin FSecrets := ''; @@ -299,6 +446,50 @@ procedure TRESTDWAuthToken.FromToken(ATokenValue: String); end; end; +procedure TRESTDWAuthToken.GenerateToken(ADataModuleRESTDW: TObject; + ARequestType: TRequestType; AParams: TRESTDWParams; ARawHeaders: TStrings; + AWelcomeMessage, AAccessTag: String; var ATokenValidate: Boolean; var AToken: String; + var AGetToken: Boolean; var AErrorCode: Integer; var AErrorMessage: String; + var AAcceptAuth: Boolean); +var + LAuthTokenParam: TRESTDWAuthToken; + LParams: TRESTDWParams; +begin + AGetToken := True; + AErrorCode := 404; + AErrorMessage := cEventNotFound; + + if (RequestTypeToRoute(ARequestType) in Self.GetTokenRoutes) or + (crAll in Self.GetTokenRoutes) then + begin + if Assigned(TServerMethodDataModule(ADataModuleRESTDW).OnGetToken) then + begin + ATokenValidate := True; + LAuthTokenParam := TRESTDWAuthToken.Create(Self); + LAuthTokenParam.Assign(Self); + + {$IFNDEF FPC} + if Trim(AToken) = '' Then + AToken := ARawHeaders.Values['Authorization']; + {$ENDIF} + + if AParams.ItemsString['RDWParams'] <> Nil then + begin + LParams := TRESTDWParams.Create; + LParams.FromJSON(AParams.ItemsString['RDWParams'].Value); + + TServerMethodDataModule(ADataModuleRESTDW).OnGetToken(AWelcomeMessage, AAccessTag, LParams, LAuthTokenParam, + AErrorCode, AErrorMessage, AToken, AAcceptAuth); + + FreeAndNil(LParams); + end + else + TServerMethodDataModule(ADataModuleRESTDW).OnGetToken(AWelcomeMessage, AAccessTag, AParams, LAuthTokenParam, + AErrorCode, AErrorMessage, AToken, AAcceptAuth); + end; + end; +end; + function TRESTDWAuthToken.GetCryptType(AValue: String): TRESTDWCryptType; begin Result := rdwAES256; @@ -332,7 +523,7 @@ function TRESTDWAuthToken.GetToken(ASecrets: String): String; finally FreeAndNil(LTokenValue); end; -End; +end; function TRESTDWAuthToken.GetTokenType(AValue: String): TRESTDWTokenType; begin @@ -519,6 +710,18 @@ function TRESTDWAuthToken.ValidateToken(AValue: String): Boolean; { TRESTDWAuthOAuth } +function TRESTDWAuthOAuth.AuthValidate(ADataModuleRESTDW: TObject; AUrlToExec, + AWelcomeMessage, AAccessTag, AAuthUsername, AAuthPassword: String; + ARawHeaders: TStrings; ARequestType: TRequestType; + var ADWParams: TRESTDWParams; var AGetToken, ATokenValidate: Boolean; + var AToken: String; var AErrorCode: Integer; var AErrorMessage: String; + var AAcceptAuth: Boolean): Boolean; +begin + AAcceptAuth := False; + Result := False; + raise Exception.Create(cErrorOAuthNotImplenented); +end; + constructor TRESTDWAuthOAuth.Create(aOwner: TComponent); begin inherited; diff --git a/CORE/Source/Basic/uRESTDWBasic.pas b/CORE/Source/Basic/uRESTDWBasic.pas index 780b4320..ab7feae3 100644 --- a/CORE/Source/Basic/uRESTDWBasic.pas +++ b/CORE/Source/Basic/uRESTDWBasic.pas @@ -382,7 +382,7 @@ TRESTDWServerIpVersionConfig = class(TPersistent) vForceWelcomeAccess, vCORS, vActive : Boolean; - vAuthenticator : TRESTDWAuthenticatorBase; + vAuthenticator : TRESTDWServerAuthBase; // vAuthMessages : TRESTDWAuthMessages; vProxyOptions : TProxyConnectionInfo; vServiceTimeout, @@ -553,7 +553,7 @@ TRESTDWServerIpVersionConfig = class(TPersistent) Var ErrorCode : Integer) : Boolean; Protected procedure Notification(AComponent: TComponent; Operation: TOperation); override; - procedure SetAuthenticator(const Value: TRESTDWAuthenticatorBase); + procedure SetAuthenticator(const Value: TRESTDWServerAuthBase); Public Procedure EchoPooler (ServerMethodsClass : TComponent; AContext : TComponent; @@ -592,7 +592,7 @@ TRESTDWServerIpVersionConfig = class(TPersistent) Destructor Destroy; Override;//Destroy a Classe Published Property Active : Boolean Read vActive Write SetActive; - Property Authenticator : TRESTDWAuthenticatorBase Read vAuthenticator Write SetAuthenticator; + Property Authenticator : TRESTDWServerAuthBase Read vAuthenticator Write SetAuthenticator; // Property AuthMessages : TRESTDWAuthMessages Read vAuthMessages Write vAuthMessages; Property CORS : Boolean Read vCORS Write vCORS; Property CORS_CustomHeaders : TStringList Read vCORSCustomHeaders Write SetCORSCustomHeader; @@ -1813,13 +1813,6 @@ procedure TRESTClientPoolerBase.SetIpVersion(IpV: TRESTDWClientIpVersions); End; End; - Procedure PrepareBasicAuth(AuthenticationString : String; Var AuthUsername, AuthPassword : String); - Begin - AuthUsername := Copy(AuthenticationString, InitStrPos, Pos(':', AuthenticationString) -1); - Delete(AuthenticationString, InitStrPos, Pos(':', AuthenticationString)); - AuthPassword := AuthenticationString; - End; - Procedure WriteResponseText(aText: string; aStatusCode: integer; aContentType: string = 'application/json'); var aStreamResponse: TStream; @@ -1922,7 +1915,7 @@ procedure TRESTClientPoolerBase.SetIpVersion(IpV: TRESTDWClientIpVersions); vErrorCode := 200; vIsQueryParam := False; vUrlToExec := ''; - vToken := ''; + vToken := Token; vDataBuff := ''; vRequestHeader := TStringList.Create; vCompareContext := False; @@ -2880,156 +2873,39 @@ procedure TRESTClientPoolerBase.SetIpVersion(IpV: TRESTDWClientIpVersions); vNeedAuthorization := vTempEvent.NeedAuthorization; If vNeedAuthorization Then - If vAuthenticator is TRESTDWAuthBasic Then - Begin {$REGION AuthBasic} - vAuthenticationString := DecodeStrings(StringReplace(RawHeaders.Values['Authorization'], 'Basic ', '', [rfReplaceAll]){$IFDEF RESTDWLAZARUS}, vDatabaseCharSet{$ENDIF}); - If (vAuthenticationString <> '') And ((AuthUsername = '') And - (AuthPassword = '')) Then - PrepareBasicAuth(vAuthenticationString, AuthUsername, AuthPassword); - - if Assigned(TRESTDWAuthBasic(Authenticator).OnBasicAuth) then - TRESTDWAuthBasic(Authenticator).OnBasicAuth(vWelcomeMessage, - vAccessTag, - vDataRoute, - AuthUsername, - AuthPassword, - DWParams, - vErrorCode, - vErrorMessage, - vAcceptAuth) - else - vAcceptAuth := TRESTDWAuthBasic(vAuthenticator).ValidateAuth( - AuthUsername, AuthPassword); - - If Not vAcceptAuth Then + Begin + // Aqui que Valida a Autenticação + vAuthenticator.AuthValidate(vTempServerMethods, + vUrlToExec, + vWelcomeMessage, + vAccessTag, + AuthUsername, + AuthPassword, + RawHeaders, + RequestType, + DWParams, + vGettoken, + vTokenValidate, + vToken, + vErrorCode, vErrorMessage, vAcceptAuth); + + If Not vAcceptAuth Then Begin AuthRealm := cAuthRealm; WriteError; DestroyComponents; Exit; End; - End {$ENDREGION} - Else If vAuthenticator is TRESTDWAuthToken Then - Begin {$REGION AuthToken} - vUrlToken := Lowercase(vUrlToExec); - If Copy(vUrlToken, InitStrPos, 1) = '/' then - Delete(vUrlToken, InitStrPos, 1); - If vUrlToken = - Lowercase(TRESTDWAuthToken(vAuthenticator).GetTokenEvent) Then - Begin - vGettoken := True; - vErrorCode := 404; - vErrorMessage := cEventNotFound; - If (RequestTypeToRoute(RequestType) In TRESTDWAuthToken(vAuthenticator).GetTokenRoutes) Or - (crAll in TRESTDWAuthToken(vAuthenticator).GetTokenRoutes) Then - Begin - If CORS Then - Begin - PCustomHeaders := @ResponseHeaders; - BuildCORS(TRESTDWAuthToken(vAuthenticator).GetTokenRoutes, TStrings(PCustomHeaders^)); - End; - if Assigned(TRESTDWAuthToken(vAuthenticator).OnGetToken) then -// If Assigned(TServerMethodDatamodule(vTempServerMethods).OnGetToken) Then - Begin - vTokenValidate := True; - vAuthTokenParam := TRESTDWAuthToken.Create(self); - vAuthTokenParam.Assign(TRESTDWAuthToken(vAuthenticator)); - {$IFNDEF FPC} - If Trim(Token) <> '' Then - vToken := Token - Else - vToken := RawHeaders.Values['Authorization']; - {$ENDIF} - If DWParams.ItemsString['RDWParams'] <> Nil Then - Begin - DWParamsD := TRESTDWParams.Create; - if vCripto.Use then - DWParamsD.FromJSON(vCripto.Decrypt(DWParams.ItemsString['RDWParams'].Value)) - else - DWParamsD.FromJSON(DWParams.ItemsString['RDWParams'].Value); - TRESTDWAuthToken(vAuthenticator).OnGetToken(vWelcomeMessage, vAccessTag, DWParamsD, - vErrorCode, vErrorMessage, vToken, vAcceptAuth); -// TServerMethodDatamodule(vTempServerMethods).OnGetToken(vWelcomeMessage, vAccessTag, DWParamsD, -// TRESTDWAuthToken(vAuthTokenParam), -// vErrorCode, vErrorMessage, vToken, vAcceptAuth); - FreeAndNil(DWParamsD); - End - Else - TRESTDWAuthToken(vAuthenticator).OnGetToken(vWelcomeMessage, vAccessTag, DWParamsD, - vErrorCode, vErrorMessage, vToken, vAcceptAuth); - If Not vAcceptAuth Then - Begin - WriteError; - DestroyComponents; - Exit; - End; - End - Else - Begin - WriteError; - DestroyComponents; - Exit; - End; - End - Else - Begin - WriteError; - DestroyComponents; - Exit; - End; - End - Else - Begin - vErrorCode := 401; - vErrorMessage := cInvalidAuth; - vTokenValidate := True; - vAuthTokenParam := TRESTDWAuthToken.Create(self); - vAuthTokenParam.Assign(TRESTDWAuthToken(vAuthenticator)); - If DWParams.ItemsString[TRESTDWAuthToken(vAuthenticator).Key] <> Nil Then - vToken := DWParams.ItemsString[TRESTDWAuthToken(vAuthenticator).Key].AsString - Else - Begin - If Trim(Token) <> '' Then - vToken := Token - Else - vToken := RawHeaders.Values['Authorization']; - If Trim(vToken) <> '' Then - Begin - aToken := GetTokenString(vToken); - If aToken = '' Then - aToken := GetBearerString(vToken); - If aToken = '' Then - aToken := Token; - vToken := aToken; - End; - End; - If Not vAuthTokenParam.ValidateToken(vToken) Then - Begin - WriteError; - DestroyComponents; - Exit; - End - Else - vTokenValidate := False; - If Assigned(TServerMethodDatamodule(vTempServerMethods).OnUserTokenAuth) Then - Begin - TServerMethodDatamodule(vTempServerMethods).OnUserTokenAuth(vWelcomeMessage, vAccessTag, DWParams, - TRESTDWAuthToken(vAuthTokenParam), - vErrorCode, vErrorMessage, vToken, vAcceptAuth); - vTokenValidate := Not(vAcceptAuth); - If Not vAcceptAuth Then - Begin - WriteError; - DestroyComponents; - Exit; - End; - End; - End; - End{$ENDREGION} - Else If vAuthenticator is TRESTDWAuthOAuth Then - raise Exception.Create(cErrorOAuthNotImplenented); - vErrorCode := 200; - vErrorMessage := ''; + End; + + vErrorCode := 200; + vErrorMessage := ''; + + If vGettoken and CORS Then + Begin + PCustomHeaders := @ResponseHeaders; + BuildCORS(TRESTDWAuthToken(vAuthenticator).GetTokenRoutes, TStrings(PCustomHeaders^)); + End; End Else If Assigned(TServerMethodDatamodule(vTempServerMethods).OnWelcomeMessage) then @@ -3384,7 +3260,7 @@ procedure TRESTClientPoolerBase.SetIpVersion(IpV: TRESTDWClientIpVersions); End; procedure TRESTServiceBase.SetAuthenticator( - const Value: TRESTDWAuthenticatorBase); + const Value: TRESTDWServerAuthBase); begin if Value <> vAuthenticator then vAuthenticator := Value; diff --git a/CORE/Source/Plugins/DMDados/uRESTDWDatamodule.pas b/CORE/Source/Plugins/DMDados/uRESTDWDatamodule.pas index 1949aa1a..e14b8b6b 100644 --- a/CORE/Source/Plugins/DMDados/uRESTDWDatamodule.pas +++ b/CORE/Source/Plugins/DMDados/uRESTDWDatamodule.pas @@ -8,23 +8,8 @@ interface SysUtils, Classes, uRESTDWDataUtils, uRESTDWComponentEvents, uRESTDWBasicTypes, uRESTDWConsts, uRESTDWJSONObject, uRESTDWParams, uRESTDWAuthenticators; -Type -// TUserBasicAuth = Procedure(Welcomemsg, AccessTag, -// Username, Password : String; -// Var Params : TRESTDWParams; -// Var ErrorCode : Integer; -// Var ErrorMessage : String; -// Var Accept : Boolean) Of Object; - TUserTokenAuth = Procedure(Welcomemsg, - AccessTag : String; - Params : TRESTDWParams; - AuthOptions : TRESTDWAuthToken; - Var ErrorCode : Integer; - Var ErrorMessage : String; - Var TokenID : String; - Var Accept : Boolean) Of Object; - Type +Type TRESTDWClientInfo = Class(TObject) Private vip, @@ -56,9 +41,9 @@ interface vReplyEvent : TRESTDWReplyEvent; vWelcomeMessage : TWelcomeMessage; vMassiveProcess : TMassiveProcess; -// vUserBasicAuth : TUserBasicAuth; - vUserTokenAuth : TUserTokenAuth; -// vOnGetToken : TOnGetToken; + vUserBasicAuth : TOnUserBasicAuth; + vUserTokenAuth : TOnUserTokenAuth; + vOnGetToken : TOnGetToken; vOnMassiveBegin, vOnMassiveAfterStartTransaction, vOnMassiveAfterBeforeCommit, @@ -94,9 +79,9 @@ interface Property OnMassiveAfterBeforeCommit : TMassiveEvent Read vOnMassiveAfterBeforeCommit Write vOnMassiveAfterBeforeCommit; Property OnMassiveAfterAfterCommit : TMassiveEvent Read vOnMassiveAfterAfterCommit Write vOnMassiveAfterAfterCommit; Property OnMassiveEnd : TMassiveEvent Read vOnMassiveEnd Write vOnMassiveEnd; -// Property OnUserBasicAuth : TUserBasicAuth Read vUserBasicAuth Write vUserBasicAuth; - Property OnUserTokenAuth : TUserTokenAuth Read vUserTokenAuth Write vUserTokenAuth; -// Property OnGetToken : TOnGetToken Read vOnGetToken Write vOnGetToken; + Property OnUserBasicAuth : TOnUserBasicAuth Read vUserBasicAuth Write vUserBasicAuth; + Property OnUserTokenAuth : TOnUserTokenAuth Read vUserTokenAuth Write vUserTokenAuth; + Property OnGetToken : TOnGetToken Read vOnGetToken Write vOnGetToken; Property QueuedRequest : Boolean Read vQueuedRequest Write vQueuedRequest; End;