mORMot and Open Source friends
Check-in [ef9634a4ac]
Not logged in
Home Documentation Forum Download Blog Donate Timeline Tickets Wiki Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:added TSQLRestClientHTTP.SetHttpBasicAuthHeaders() method to be used e.g. when the mORMot server is hidden behind a HTTPS proxy, requesting HTTP Basic authentication
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: ef9634a4acc9959a0ff2ee4563d210a58b794b12
User & Date: User 2014-08-08 08:44:11
Context
2014-08-08
09:49
added TTextWriter.AddXmlEscape() method also added property EscapeInvert: boolean to invert the HTML characters escaping process for Mustache templates (used e.g. in mORMotWrapper.pas for code generation) check-in: 00777c9b04 user: User tags: trunk
08:44
added TSQLRestClientHTTP.SetHttpBasicAuthHeaders() method to be used e.g. when the mORMot server is hidden behind a HTTPS proxy, requesting HTTP Basic authentication check-in: ef9634a4ac user: User tags: trunk
08:22
added TSQLRestServerURIContext.Input*OrVoid[] properties and refactoring of the various TSQLRestAuthentication*.Auth() methods to use the Input*[] property instead of UrlDecode*() check-in: d0dcc2ed76 user: User tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to CrossPlatform/SynCrossPlatformREST.pas. 

900
901
902
903
904
905
906

907
908
909
910
911
912
913
914
915
916







917
918
919
920
921
922
923
....
2505
2506
2507
2508
2509
2510
2511


2512
2513
2514
2515
2516
2517
2518
....
2531
2532
2533
2534
2535
2536
2537












2538
2539
2540
2541
2542
2543
2544

  /// REST client via HTTP
  // - note that this implementation is not thread-safe yet
  TSQLRestClientHTTP = class(TSQLRestClientURI)
  protected
    fConnection: TAbstractHttpConnection;
    fParameters: TSQLRestConnectionParams;
    fKeepAlive: Integer;

    procedure InternalURI(var Call: TSQLRestURIParams); override;
  public
    /// access to a mORMot server via HTTP
    constructor Create(const aServer: string; aPort: integer; aModel: TSQLModel;
      aHttps: boolean=false
    {$ifndef ISSMS}; const aProxyName: string='';
      const aProxyByPass: string=''; aSendTimeout: Cardinal=30000;
      aReceiveTimeout: Cardinal=30000{$endif}); reintroduce; virtual;
    /// finalize the connection
    destructor Destroy; override;








    /// the associated connection, if active
    property Connection: TAbstractHttpConnection read fConnection;
    /// the connection parameters
    property Parameters: TSQLRestConnectionParams read fParameters;
    /// the keep-alive timout, in ms (20000 by default)
    property KeepAlive: Integer read fKeepAlive write fKeepAlive;
................................................................................
  inType := FindHeader(Call.InHead,'content-type:');
  if inType='' then begin
    if OnlyJSONRequests then
      inType := JSON_CONTENT_TYPE else
      inType := 'text/plain'; // avoid slow CORS preflighted requests
    Call.InHead := trim(Call.InHead+#13#10'content-type:'+inType);
  end;


  for retry := 0 to 1 do begin
    if fConnection=nil then
      try
        fConnection := HttpConnectionClass.Create(fParameters);
        // TODO: handle SynLZ compression and SHA/AES encryption?
      except
        on E: Exception do begin
................................................................................
      on E: Exception do begin
        fConnection.Free;
        fConnection := nil;
      end; // will retry once (e.g. if connection broken)
    end;
  end;
end;














{ TSQLAuthUser }

{$ifdef ISSMS}

class function TSQLAuthUser.ComputeRTTI: TRTTIPropInfos;







>










>
>
>
>
>
>
>







 







>
>







 







>
>
>
>
>
>
>
>
>
>
>
>








900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
....
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
....
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566

  /// REST client via HTTP
  // - note that this implementation is not thread-safe yet
  TSQLRestClientHTTP = class(TSQLRestClientURI)
  protected
    fConnection: TAbstractHttpConnection;
    fParameters: TSQLRestConnectionParams;
    fKeepAlive: Integer;
    fCustomHttpHeader: RawUTF8; // e.g. for SetHttpBasicAuthHeaders()
    procedure InternalURI(var Call: TSQLRestURIParams); override;
  public
    /// access to a mORMot server via HTTP
    constructor Create(const aServer: string; aPort: integer; aModel: TSQLModel;
      aHttps: boolean=false
    {$ifndef ISSMS}; const aProxyName: string='';
      const aProxyByPass: string=''; aSendTimeout: Cardinal=30000;
      aReceiveTimeout: Cardinal=30000{$endif}); reintroduce; virtual;
    /// finalize the connection
    destructor Destroy; override;
    /// force the HTTP headers of any request to contain some HTTP BASIC
    // authentication, without creating any remote session
    // - here the password should be given as clear content
    // - potential use case is to use a mORMot client through a HTTPS proxy
    // - then you can use TSQLRestServerAuthentication*.ClientSetUser() to
    // define any another "mORMot only" authentication
    procedure SetHttpBasicAuthHeaders(const aUserName, aPasswordClear: RawUTF8);

    /// the associated connection, if active
    property Connection: TAbstractHttpConnection read fConnection;
    /// the connection parameters
    property Parameters: TSQLRestConnectionParams read fParameters;
    /// the keep-alive timout, in ms (20000 by default)
    property KeepAlive: Integer read fKeepAlive write fKeepAlive;
................................................................................
  inType := FindHeader(Call.InHead,'content-type:');
  if inType='' then begin
    if OnlyJSONRequests then
      inType := JSON_CONTENT_TYPE else
      inType := 'text/plain'; // avoid slow CORS preflighted requests
    Call.InHead := trim(Call.InHead+#13#10'content-type:'+inType);
  end;
  if fCustomHttpHeader<>'' then
    Call.InHead := Trim(Call.InHead+fCustomHttpHeader);
  for retry := 0 to 1 do begin
    if fConnection=nil then
      try
        fConnection := HttpConnectionClass.Create(fParameters);
        // TODO: handle SynLZ compression and SHA/AES encryption?
      except
        on E: Exception do begin
................................................................................
      on E: Exception do begin
        fConnection.Free;
        fConnection := nil;
      end; // will retry once (e.g. if connection broken)
    end;
  end;
end;

procedure TSQLRestClientHTTP.SetHttpBasicAuthHeaders(const aUserName, aPasswordClear: RawUTF8);
var base64: RawUTF8;
begin
  base64 := aUsername+':'+aPasswordClear;
  {$ifdef ISSMS}
  base64 := w3_base64encode(base64);
  {$else}
  base64 := BytesToBase64JSONString(TByteDynArray(TextToHttpBody(base64)));
  {$endif}
  fCustomHttpHeader := #13#10'Authorization: Basic '+base64;
end;


{ TSQLAuthUser }

{$ifdef ISSMS}

class function TSQLAuthUser.ComputeRTTI: TRTTIPropInfos;

©2010-2022 Synopse Informatique