How to get a token passed as header using datasnap?

Question

In my client application I'm using the following code to add a token in the header:

RESTRequest.Params.AddItem('Authorization', 'Bearer ' + MyToken, TRESTRequestParameterKind.pkHTTPHEADER, [TRESTRequestParameterOption.poDoNotEncode]);

I'd like to get this token in my server using datasnap.

I've tried use the answer from here and here but without success.

Is it possible?

How can I do this?

EDIT

I could verify that Datasnap executes TIdCustomHTTPServer.DoParseAuthenticationand that DoParseAuthentication calls FOnParseAuthentication if it is assigned.

So, how can I hack Datasnap to assign my own OnParseAuthentication?

I think this solve my problem.

Are you sure the information arrives at the destination, i.e. can you inspect the HTTP coming in? — Jan Doggen, Feb 10 '16 at 15:09
Yes, I'm sure @JanDoggen. I can see this information debugging the PreparePostStream Method of the unit IdCustomHTTPServer. It calls the function `TIdCustomHTTPServer.DoParseAuthentication`. And it uses the default parser for the authentication. Maybe I could get the OnParserAuthentication of the IdHttpServer that Datasnap uses inside, but I don't know how to do this. — Daniel Grillo, Feb 10 '16 at 15:41
Sorry, I said `PreparePostStream` but it is `TIdCustomHTTPServer.DoExecute` instead — Daniel Grillo, Feb 10 '16 at 15:56
@DanielGrillo, se você poder ma ajudar, eu agradeço não estou conseguindo resolver. — Jefferson Rudolf, Nov 29 '16 at 19:29
@JeffersonRudolf Faça a pergunta no SO em português que eu respondo lá. — Daniel Grillo, Nov 29 '16 at 19:45
@DanielGrillo, postei a pergunta lá http://pt.stackoverflow.com/questions/168614/como-pegar-request-header-passando-o-authorization-bearer-usando-datasnap — Jefferson Rudolf, Nov 29 '16 at 20:00

score 4 · Accepted Answer · answered Apr 12 '16 at 17:12

I have the same problem. if the Authentication header is used then we get EIdHTTPUnsupportedAuthorisationScheme error, I need to setup OnParseAuthentication. I just started looking into this today and in the Test App "Desktop" I can do the following.

procedure TMainForm.FormCreate(Sender: TObject);
begin
  FServer := TIdHTTPWebBrokerBridge.Create(Self);
  FServer.OnParseAuthentication := DoParseAuthentication;// <-added this line
end;

Now I need to figure out how to update the ASAPI dll to do the same.

where DoParseAuthentication? its function protected – Jefferson Rudolf Nov 29 '16 at 19:16 — Jefferson Rudolf, Nov 29 '16 at 19:16

score 0 · Answer 2 · answered Aug 04 '23 at 06:56

procedure TForm1.DoParseAuthentication(AContext: TIdContext;
  const AAuthType, AAuthData: String; var VUsername, VPassword: String;
  var VHandled: Boolean);
var
  AuthValue: String;
begin
  if SameText(AAuthType, 'Bearer') then
  begin
    // AAuthData should contain the bearer token
    // You should validate the token here and set the VUsername or VPassword
    // to the corresponding values if the token is valid.
    AuthValue := AAuthData;
    
    // Add your token validation logic here. If the token is valid, you could 
    // set VUsername to the corresponding username and VHandled to True.
    
    // Example:
    // if ValidateToken(AuthValue) then
    // begin
    //   VUsername := GetUserNameFromToken(AuthValue);
    //   VHandled := True;
    // end;

    VHandled := True;
  end;
end;

Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). — Community, Aug 10 '23 at 19:03

How to get a token passed as header using datasnap?

EDIT

2 Answers2