Hi,
I have no solution for SAML 2.0, but in my case the client also offers OAuth2 authentication...
So I made half of a really good solution...
In the LoginForm the user clicks a button that redirects to the sign-on page.
Note: XXX is the name of the client
procedure TUniLoginForm1.btNextXXXClick(Sender: TObject);
const
  // ADFS authorization endpoint with the fixed query parameters of the
  // authorization-code request (response_type=code).
  // NOTE(review): redirect_uri is plain http, so the authorization code comes
  // back to the application unencrypted - use an https callback outside a lab.
  // NOTE(review): redirect_uri carries its own '?callback=XXX' and is not
  // URL-encoded; confirm the IdP returns 'callback' intact next to 'code' and 'state'.
  AUTHORIZE_URL = 'https://login-dev.XXX.com/adfs/oauth2/authorize?response_type=code'+
                  '&resource=XXXClientPortal'+
                  '&client_id=a123-b456-c789'+
                  '&redirect_uri=http://dev.test.it:8077/?callback=XXX';
var
  _payload: string;
begin
  // Payload echoed back by the IdP in 'state':
  //   client code | user code | current date-time | uniGUI session id
  // Both codes are whatever was typed into the form before any authentication
  // took place, so they are a claim made by the user, not a verified identity.
  _payload:=edCodCliente.Text+'|'+edCodUtente.Text+'|'+DateTimeToStr(NOW)+'|'+UniSession.SessionId;

  // The value travels through the browser, so its confidentiality and integrity
  // rest entirely on XEncrypt (not shown here).
  // NOTE(review): the XEncrypt output is appended without URL-encoding; characters
  // such as '+', '/', '=' or '&' would be altered or cut off in transit - confirm
  // XEncrypt produces URL-safe text.
  UniSession.UrlRedirect(AUTHORIZE_URL+'&state='+XEncrypt(_payload));
end;
In MainModule
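procedure TUniMainModule.UniGUIMainModuleBeforeLogin(Sender: TObject; var Handled: Boolean);
// Runs before the login form is shown. When the request is the OAuth2 callback
// (callback=XXX with a 'state' and a 'code'), the state is decrypted and checked,
// and on success the login form is skipped (Handled:=True).
//
// NOTE(review): this handler does NOT authenticate the user yet. The returned
// authorization code is only checked for presence; it is never redeemed at the
// IdP token endpoint. The state was created before sign-on and passed through the
// browser, so a valid state alone does not prove that the IdP signed anyone in.
// Before relying on _FlStatoAutoLogin, exchange 'code' for a token server-side
// and take the user identity from the validated token, not from the state.
var
  _callback, _state, _code: string;
  _DataOra, _SessionID: string;
  _issuedAt: TDateTime;
begin
  if _FlStatoAutoLogin then
    Exit;

  //check if arrived from callback
  _callback:=UniSession.UniApplication.Parameters.Values['callback'];
  _state:=UniSession.UniApplication.Parameters.Values['state'];
  _code:=UniSession.UniApplication.Parameters.Values['code'];

  // A successful authorization response (response_type=code) always carries a
  // code; a callback without one cannot be the result of a completed sign-on.
  if (_callback<>'XXX') or (_state='') or (_code='') then
    Exit;

  // NOTE(review): XDecrypt is not shown; if it can raise on malformed input or
  // does not authenticate the ciphertext, tampered state values reach the
  // parsing below - confirm.
  _state:=XDecrypt(_state);

  // _CodClient and _CodUtenteXXX are not declared in this procedure - presumably
  // fields of the main module. They are filled from the state before it has been
  // validated, exactly as in the original flow.
  _CodClient:=GetStrPosiz(_state, '|', 1);
  _CodUtenteXXX:=GetStrPosiz(_state, '|', 2);
  _DataOra:=GetStrPosiz(_state, '|', 3);
  _SessionID:=GetStrPosiz(_state, '|', 4);

  // TryStrToDateTime instead of StrToDateTime: a garbled timestamp is rejected
  // quietly instead of raising an exception inside the login event.
  if not TryStrToDateTime(_DataOra, _issuedAt) then
    Exit;

  // Accept the state only for 5 minutes and only while the session that issued
  // it still exists on the server.
  if (MinutesBetween(_issuedAt, NOW)<=5)
     and ChkExistSessionID(_SessionID) then
  begin
    // TODO: redeem _code at the token endpoint and validate the token here,
    // before setting the flag.
    _FlStatoAutoLogin:=True;
    Handled:=True;
  end;
end;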
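function TUniMainModule.ChkExistSessionID(SessionID: string): boolean;
// Returns True when a cache directory named after SessionID exists under
// <CacheFolderPath>cache\<exe name with '.exe' replaced by '_exe'>\.
//
// SessionID is taken from the decrypted 'state' request parameter, so it is
// treated as untrusted text before being used as a path component.
// NOTE(review): an existing directory only shows that some session with this id
// has a cache folder; it does not tie that session to the browser making the
// current request.
var
  _path: string;
begin
  Result:=False;

  // An empty id would resolve to the application's cache folder itself, and
  // '.' / '..' to it or its parent - all of which exist - so reject them.
  if (SessionID='') or (SessionID='.') or (SessionID='..') then
    Exit;

  // Reject anything that could step out of the cache folder or name a drive.
  if (Pos('\', SessionID)>0) or (Pos('/', SessionID)>0) or (Pos(':', SessionID)>0) then
    Exit;

  //look in files if exists a session with specific ID
  _path:=UniServerModule.CacheFolderPath+'cache\'+
         ReplaceText(ExtractFileName(Application.ExeName), '.exe', '_exe')+'\'+
         SessionID;
  Result:=DirectoryExists(_path);
end;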
To exit and get the login form again, in Main.pas:
procedure TMainForm.UniFormClose(Sender: TObject; var Action: TCloseAction);
// When the session was opened through the SSO callback, closing the main form
// sends the browser back to the application root instead of closing the form.
begin
  // Sessions that logged in the normal way keep the default close behaviour.
  if not UniMainModule._FlStatoAutoLogin then
    Exit;

  // NOTE(review): only a redirect is issued here; nothing in this handler ends
  // the uniGUI session or signs the user out at the IdP - confirm that happens
  // elsewhere if a real logout is expected.
  UniSession.UrlRedirect('?');
  Action:=caNone; // cancel the close; the redirect takes over
end;
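The above is just to authorize access to my uniGUI web app... Note that the callback shown does not yet exchange the returned `code` for a token at the ADFS token endpoint; that step is still needed before the user can be considered authenticated.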