isosrl, posted July 26, 2018

Has anyone played with SAML 2.0 single sign-on with uniGUI? If yes, is there any example to follow? Thanks.

delagoutte, posted January 11, 2019

Nobody? A client asked me the same thing.

isosrl, posted January 11, 2019

Hi, no solution for SAML 2.0, but in my case the client also has OAuth2 authentication... So I made half of a really good solution...

In the LoginForm the user clicks on a button that redirects to sign-on.

Note: XXX is the name of the client.

```pascal
procedure TUniLoginForm1.btNextXXXClick(Sender: TObject);
var
  _XXXurl, _state: string;
begin
  // redirect login
  _XXXurl := 'https://login-dev.XXX.com/adfs/oauth2/authorize?response_type=code' +
             '&resource=XXXClientPortal' +
             '&client_id=a123-b456-c789' +
             '&redirect_uri=http://dev.test.it:8077/?callback=XXX';

  // add an encrypted string in the state parameter, which will be returned unmodified
  // (XEncrypt is the poster's own helper; it is not shown in the thread)
  _state := '&state=' + XEncrypt(edCodCliente.Text + '|' + edCodUtente.Text + '|' +
                                 DateTimeToStr(NOW) + '|' + UniSession.SessionId);
  _XXXurl := _XXXurl + _state;

  UniSession.UrlRedirect(_XXXurl);
end;
```

In MainModule:

```pascal
// _FlStatoAutoLogin, _CodClient and _CodUtenteXXX are not declared here;
// they are presumably fields of TUniMainModule.
procedure TUniMainModule.UniGUIMainModuleBeforeLogin(Sender: TObject; var Handled: Boolean);
var
  _callback, _state: string;
  _CodUtente, _DataOra, _SessionID: string;
begin
  if (not _FlStatoAutoLogin) then
  begin
    // check if arrived from callback
    _callback := UniSession.UniApplication.Parameters.Values['callback'];
    _state := UniSession.UniApplication.Parameters.Values['state'];

    if (_callback = 'XXX') and (_state <> '') then
    begin
      // XDecrypt and GetStrPosiz are the poster's own helpers (not shown)
      _state := XDecrypt(_state);
      _CodClient := GetStrPosiz(_state, '|', 1);
      _CodUtenteXXX := GetStrPosiz(_state, '|', 2);
      _DataOra := GetStrPosiz(_state, '|', 3);
      _SessionID := GetStrPosiz(_state, '|', 4);

      // accept only a state issued in the last 5 minutes for a session that still exists
      if (MinutesBetween(StrToDateTime(_DataOra), NOW) <= 5) and
         ChkExistSessionID(_SessionID) then
      begin
        _FlStatoAutoLogin := True;
        Handled := True;
      end;
    end;
  end;
end;

function TUniMainModule.ChkExistSessionID(SessionID: string): boolean;
var
  _path: string;
begin
  // look in the cache files to see whether a session with the specific ID exists
  _path := UniServerModule.CacheFolderPath + 'cache\' +
           ReplaceText(ExtractFileName(Application.ExeName), '.exe', '_exe') + '\' +
           SessionID;
  Result := (DirectoryExists(_path));
end;
```

To exit and get the login form again, in Main.pas:

```pascal
procedure TMainForm.UniFormClose(Sender: TObject; var Action: TCloseAction);
begin
  if UniMainModule._FlStatoAutoLogin then
  begin
    UniSession.UrlRedirect('?');
    Action := caNone;
  end;
end;
```

The above is just to authorize access to my uniGUI webapp...

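An added example (not code from the post above or from uniGUI): the same `client|user|timestamp|session` state value made tamper-evident and time-limited with HMAC-SHA256, in place of the `XEncrypt`/`XDecrypt` helpers that the thread does not show. It assumes a Delphi version that ships `System.Hash`; the key, client, user and session values are constructed, the timestamp is Unix seconds rather than `DateTimeToStr` output, and the fields are signed but not hidden.

```pascal
program SignedStateDemo;
{$APPTYPE CONSOLE}
uses System.SysUtils, System.DateUtils, System.Hash;

// Constructed demo key (assumption: the real key is a random server-side secret).
const DemoKey = 'constructed-demo-key';

// Compare two hex MACs without stopping at the first differing character.
function SameMac(const A, B: string): Boolean;
var I, Diff: Integer;
begin
  if Length(A) <> Length(B) then Exit(False);
  Diff := 0;
  for I := 1 to Length(A) do
    Diff := Diff or (Ord(A[I]) xor Ord(B[I]));
  Result := Diff = 0;
end;

// state = client|user|issued-at (Unix seconds)|session id, then '.' and the hex HMAC.
function MakeState(const Client, User, SessionId: string; IssuedUnix: Int64): string;
begin
  Result := Client + '|' + User + '|' + IntToStr(IssuedUnix) + '|' + SessionId;
  Result := Result + '.' + THashSHA2.GetHMAC(Result, DemoKey);
end;

// True only if the MAC verifies, the payload has four fields and is at most MaxAgeSec old.
function CheckState(const State: string; NowUnix: Int64; MaxAgeSec: Integer;
  out SessionId: string): Boolean;
var P: Integer; Issued: Int64; Payload: string; Parts: TArray<string>;
begin
  SessionId := '';
  P := LastDelimiter('.', State); // the hex MAC has no '.', so split on the last one
  if P = 0 then Exit(False);
  Payload := Copy(State, 1, P - 1);
  if not SameMac(THashSHA2.GetHMAC(Payload, DemoKey), Copy(State, P + 1, MaxInt)) then Exit(False);
  Parts := Payload.Split(['|']);
  if (Length(Parts) <> 4) or not TryStrToInt64(Parts[2], Issued) then Exit(False);
  if (NowUnix < Issued) or (NowUnix - Issued > MaxAgeSec) then Exit(False);
  SessionId := Parts[3];
  Result := True;
end;

var NowUnix: Int64; State, Sid: string;
begin
  NowUnix := DateTimeToUnix(TTimeZone.Local.ToUniversalTime(Now));
  State := MakeState('ACME', 'jdoe', 'constructed-session-id', NowUnix);
  if CheckState(State, NowUnix + 60, 300, Sid) then Writeln('valid, session ', Sid);
  Writeln('edited user field: ', CheckState(StringReplace(State, 'jdoe', 'other', []), NowUnix + 60, 300, Sid));
  Writeln('older than 5 min:  ', CheckState(State, NowUnix + 301, 300, Sid));
end.
```

The state value still needs URL-encoding before it is appended to the authorize URL, and the session id returned by `CheckState` would go through the same existence check as `ChkExistSessionID` in the post.
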
delagoutte, posted January 14, 2019

Thanks for sharing.