Created
September 6, 2024 15:18
-
-
Save synopse/e0dacfcc870db67013de55e43276f07b to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
unit auth.api; | |
{$I mormot.defines.inc} | |
interface | |
{ | |
-------------------------------------------------------------------- | |
AUTHENTIQ API client as TAuthClient class | |
Generated 6 Sep 2024 by ab via mormot2tests - DO NOT MODIFY BY HAND! | |
-------------------------------------------------------------------- | |
} | |
uses | |
classes, | |
sysutils, | |
mormot.core.base, | |
mormot.core.unicode, | |
mormot.core.text, | |
mormot.core.buffers, | |
mormot.core.datetime, | |
mormot.core.rtti, | |
mormot.core.json, | |
mormot.core.variants, | |
mormot.net.client; | |
type | |
{ ************ Data Transfert Objects } | |
TDtoAuth1 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth1 = ^TDtoAuth1; | |
TError = packed record | |
Detail: RawUtf8; | |
Error: integer; | |
Title: RawUtf8; | |
_Type: RawUtf8; | |
end; | |
PError = ^TError; | |
TAuthentiqID = packed record | |
Devtoken: RawUtf8; | |
Sub: RawUtf8; | |
end; | |
PAuthentiqID = ^TAuthentiqID; | |
TDtoAuth2 = packed record | |
Secret: RawUtf8; | |
Status: RawUtf8; | |
end; | |
PDtoAuth2 = ^TDtoAuth2; | |
TDtoAuth4 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth4 = ^TDtoAuth4; | |
TDtoAuth5 = packed record | |
Since: TDateTime; | |
Status: RawUtf8; | |
Sub: RawUtf8; | |
end; | |
PDtoAuth5 = ^TDtoAuth5; | |
TDtoAuth7 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth7 = ^TDtoAuth7; | |
TDtoAuth9 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth9 = ^TDtoAuth9; | |
TPushToken = packed record | |
Aud: RawUtf8; | |
Exp: integer; | |
Iat: integer; | |
Iss: RawUtf8; | |
Nbf: integer; | |
Sub: RawUtf8; | |
end; | |
PPushToken = ^TPushToken; | |
TDtoAuth11 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth11 = ^TDtoAuth11; | |
TClaims = packed record | |
Email: RawUtf8; | |
Phone: RawUtf8; | |
Scope: RawUtf8; | |
Sub: RawUtf8; | |
_Type: RawUtf8; | |
end; | |
PClaims = ^TClaims; | |
TDtoAuth12 = packed record | |
Job: RawUtf8; | |
Status: RawUtf8; | |
end; | |
PDtoAuth12 = ^TDtoAuth12; | |
TDtoAuth14 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth14 = ^TDtoAuth14; | |
TDtoAuth15 = packed record | |
Exp: integer; | |
Field: RawUtf8; | |
Sub: RawUtf8; | |
end; | |
PDtoAuth15 = ^TDtoAuth15; | |
TDtoAuth17 = packed record | |
Status: RawUtf8; | |
end; | |
PDtoAuth17 = ^TDtoAuth17; | |
TDtoAuth18 = packed record | |
Jwt: RawUtf8; | |
Status: RawUtf8; | |
end; | |
PDtoAuth18 = ^TDtoAuth18; | |
type | |
{ ************ Custom Exceptions } | |
EError = class(EJsonClient) | |
protected | |
fError: TError; | |
public | |
constructor CreateResp(const Format: RawUtf8; const Args: array of const; | |
const Resp: TJsonResponse); override; | |
property Error: TError | |
read fError; | |
end; | |
{ ************ Main TAuthClient Class } | |
TAuthClient = class | |
private | |
fClient: IJsonClient; | |
// TOnJsonClientError event handler | |
procedure OnError1(const Sender: IJsonClient; | |
const Response: TJsonResponse; const ErrorMsg: shortstring); | |
public | |
// initialize this Client with an associated HTTP/JSON request | |
constructor Create(const aClient: IJsonClient = nil); | |
// key methods | |
function KeyRevokeNosecret(const Email: RawUtf8; const Phone: RawUtf8; | |
const Code: RawUtf8 = ''): TDtoAuth1; | |
function KeyRegister(const Payload: TAuthentiqID): TDtoAuth2; | |
function KeyRevoke(const PK: RawUtf8; const Secret: RawUtf8): TDtoAuth4; | |
function KeyRetrieve(const PK: RawUtf8): TDtoAuth5; | |
procedure HEADInfoOnAuthentiqID(const PK: RawUtf8); | |
function KeyUpdate(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth7; | |
function KeyBind(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth9; | |
// delete methods | |
function SignDelete(const Job: RawUtf8): TDtoAuth14; | |
// post methods | |
function PushLoginRequest(const Callback: RawUtf8; const Payload: TPushToken): TDtoAuth11; | |
function SignRequest(const Payload: TClaims; Test: integer = 0): TDtoAuth12; | |
function SignConfirm(const Job: RawUtf8): TDtoAuth17; | |
// get methods | |
function SignRetrieve(const Job: RawUtf8): TDtoAuth15; | |
// head methods | |
procedure SignRetrieveHead(const Job: RawUtf8); | |
// put methods | |
function SignUpdate(const Job: RawUtf8): TDtoAuth18; | |
// access to the associated HTTP/JSON request | |
property JsonClient: IJsonClient | |
read fClient write fClient; | |
end; | |
implementation | |
{ ************ Custom Exceptions } | |
{ EError } | |
constructor EError.CreateResp(const Format: RawUtf8; | |
const Args: array of const; const Resp: TJsonResponse); | |
begin | |
inherited CreateResp(Format, Args, Resp); | |
LoadJson(fError, Resp.Content, TypeInfo(TError)); | |
end; | |
{ ************ Main TAuthClient Class } | |
{ TAuthClient} | |
constructor TAuthClient.Create(const aClient: IJsonClient); | |
begin | |
fClient := aClient; | |
fClient.UrlEncoder := | |
[ueEncodeNames, ueSkipVoidString, ueSkipVoidValue, ueStarNameIsCsv]; | |
end; | |
procedure TAuthClient.OnError1(const Sender: IJsonClient; | |
const Response: TJsonResponse; const ErrorMsg: shortstring); | |
begin | |
raise EError.CreateResp('%.%', [self, ErrorMsg], Response); | |
end; | |
function TAuthClient.KeyRevokeNosecret(const Email: RawUtf8; const Phone: RawUtf8; | |
const Code: RawUtf8): TDtoAuth1; | |
begin | |
fClient.Request('DELETE', '/key', [], [ | |
'email', Email, | |
'phone', Phone, | |
'code', Code], [], | |
result, TypeInfo(TDtoAuth1), OnError1); | |
end; | |
function TAuthClient.KeyRegister(const Payload: TAuthentiqID): TDtoAuth2; | |
begin | |
fClient.Request('POST', '/key', [], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth2), OnError1); | |
end; | |
function TAuthClient.KeyRevoke(const PK: RawUtf8; const Secret: RawUtf8): TDtoAuth4; | |
begin | |
fClient.Request('DELETE', '/key/%', [PK], [ | |
'secret', Secret], [], | |
result, TypeInfo(TDtoAuth4), OnError1); | |
end; | |
function TAuthClient.KeyRetrieve(const PK: RawUtf8): TDtoAuth5; | |
begin | |
fClient.Request('GET', '/key/%', [PK], [], [], | |
result, TypeInfo(TDtoAuth5), OnError1); | |
end; | |
procedure TAuthClient.HEADInfoOnAuthentiqID(const PK: RawUtf8); | |
begin | |
fClient.Request('HEAD', '/key/%', [PK], [], [], OnError1); | |
end; | |
function TAuthClient.KeyUpdate(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth7; | |
begin | |
fClient.Request('POST', '/key/%', [PK], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth7), OnError1); | |
end; | |
function TAuthClient.KeyBind(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth9; | |
begin | |
fClient.Request('PUT', '/key/%', [PK], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth9), OnError1); | |
end; | |
function TAuthClient.PushLoginRequest(const Callback: RawUtf8; const Payload: TPushToken): TDtoAuth11; | |
begin | |
fClient.Request('POST', '/login', [], [ | |
'callback', Callback], [], | |
Payload, result, TypeInfo(TPushToken), TypeInfo(TDtoAuth11), OnError1); | |
end; | |
function TAuthClient.SignRequest(const Payload: TClaims; Test: integer): TDtoAuth12; | |
begin | |
fClient.Request('POST', '/scope', [], [ | |
'test', Test], [], | |
Payload, result, TypeInfo(TClaims), TypeInfo(TDtoAuth12), OnError1); | |
end; | |
function TAuthClient.SignDelete(const Job: RawUtf8): TDtoAuth14; | |
begin | |
fClient.Request('DELETE', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth14), OnError1); | |
end; | |
function TAuthClient.SignRetrieve(const Job: RawUtf8): TDtoAuth15; | |
begin | |
fClient.Request('GET', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth15), OnError1); | |
end; | |
procedure TAuthClient.SignRetrieveHead(const Job: RawUtf8); | |
begin | |
fClient.Request('HEAD', '/scope/%', [Job], [], [], OnError1); | |
end; | |
function TAuthClient.SignConfirm(const Job: RawUtf8): TDtoAuth17; | |
begin | |
fClient.Request('POST', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth17), OnError1); | |
end; | |
function TAuthClient.SignUpdate(const Job: RawUtf8): TDtoAuth18; | |
begin | |
fClient.Request('PUT', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth18), OnError1); | |
end; | |
{ ************ Custom RTTI/JSON initialization } | |
const | |
// exact definition of the DTOs expected JSON serialization | |
_TDtoAuth1 = 'status:RawUtf8'; | |
_TError = 'detail:RawUtf8 error:integer title:RawUtf8 type:RawUtf8'; | |
_TAuthentiqID = 'devtoken:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth2 = 'secret:RawUtf8 status:RawUtf8'; | |
_TDtoAuth4 = 'status:RawUtf8'; | |
_TDtoAuth5 = 'since:TDateTime status:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth7 = 'status:RawUtf8'; | |
_TDtoAuth9 = 'status:RawUtf8'; | |
_TPushToken = 'aud:RawUtf8 exp:integer iat:integer iss:RawUtf8 nbf:integer ' + | |
'sub:RawUtf8'; | |
_TDtoAuth11 = 'status:RawUtf8'; | |
_TClaims = 'email:RawUtf8 phone:RawUtf8 scope:RawUtf8 sub:RawUtf8 type:RawUtf8'; | |
_TDtoAuth12 = 'job:RawUtf8 status:RawUtf8'; | |
_TDtoAuth14 = 'status:RawUtf8'; | |
_TDtoAuth15 = 'exp:integer field:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth17 = 'status:RawUtf8'; | |
_TDtoAuth18 = 'jwt:RawUtf8 status:RawUtf8'; | |
procedure RegisterRtti; | |
begin | |
Rtti.RegisterFromText([ | |
TypeInfo(TDtoAuth1), _TDtoAuth1, | |
TypeInfo(TError), _TError, | |
TypeInfo(TAuthentiqID), _TAuthentiqID, | |
TypeInfo(TDtoAuth2), _TDtoAuth2, | |
TypeInfo(TDtoAuth4), _TDtoAuth4, | |
TypeInfo(TDtoAuth5), _TDtoAuth5, | |
TypeInfo(TDtoAuth7), _TDtoAuth7, | |
TypeInfo(TDtoAuth9), _TDtoAuth9, | |
TypeInfo(TPushToken), _TPushToken, | |
TypeInfo(TDtoAuth11), _TDtoAuth11, | |
TypeInfo(TClaims), _TClaims, | |
TypeInfo(TDtoAuth12), _TDtoAuth12, | |
TypeInfo(TDtoAuth14), _TDtoAuth14, | |
TypeInfo(TDtoAuth15), _TDtoAuth15, | |
TypeInfo(TDtoAuth17), _TDtoAuth17, | |
TypeInfo(TDtoAuth18), _TDtoAuth18]); | |
end; | |
initialization | |
RegisterRtti; | |
end. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Client unit for Authentiq API | |
// - Strong authentication, without the passwords. | |
// - version 6 | |
// - OpenAPI definition licensed under Apache 2.0 terms | |
unit auth.client; | |
{$I mormot.defines.inc} | |
interface | |
{ | |
-------------------------------------------------------------------- | |
AUTHENTIQ API client as TAuthClient class | |
Generated 6 Sep 2024 by ab via mormot2tests - DO NOT MODIFY BY HAND! | |
-------------------------------------------------------------------- | |
} | |
uses | |
classes, | |
sysutils, | |
mormot.core.base, | |
mormot.core.unicode, | |
mormot.core.text, | |
mormot.core.buffers, | |
mormot.core.datetime, | |
mormot.core.rtti, | |
mormot.core.json, | |
mormot.core.variants, | |
mormot.net.client, | |
auth.dto; | |
type | |
{ ************ Custom Exceptions } | |
EError = class(EJsonClient) | |
protected | |
fError: TError; | |
public | |
constructor CreateResp(const Format: RawUtf8; const Args: array of const; | |
const Resp: TJsonResponse); override; | |
property Error: TError | |
read fError; | |
end; | |
{ ************ Main TAuthClient Class } | |
// Client class for Authentiq API | |
// - Strong authentication, without the passwords. | |
TAuthClient = class | |
private | |
fClient: IJsonClient; | |
// TOnJsonClientError event handler | |
procedure OnError1(const Sender: IJsonClient; | |
const Response: TJsonResponse; const ErrorMsg: shortstring); | |
public | |
// initialize this Client with an associated HTTP/JSON request | |
constructor Create(const aClient: IJsonClient = nil); | |
// ------------- | |
// KEY METHODS | |
// ------------- | |
// key_revoke_nosecret [delete] /key | |
// | |
// Description: | |
// Revoke an Authentiq ID using email & phone. | |
// | |
// If called with `email` and `phone` only, a verification code | |
// will be sent by email. Do a second call adding `code` to | |
// complete the revocation. | |
// | |
// Params: | |
// - [query] Email (required): primary email associated to Key (ID) | |
// - [query] Phone (required): primary phone number, international representation | |
// - [query] Code: verification code sent by email | |
// | |
// Responses: | |
// - 200 (main): Successfully deleted | |
// - 401 [EError]: Authentication error `auth-error` | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - 409 [EError]: Confirm with code sent `confirm-first` | |
// - default [EError] | |
function KeyRevokeNosecret(const Email: RawUtf8; const Phone: RawUtf8; | |
const Code: RawUtf8 = ''): TDtoAuth1; | |
// key_register [post] /key | |
// | |
// Description: | |
// Register a new ID `JWT(sub, devtoken)` | |
// | |
// v5: `JWT(sub, pk, devtoken, ...)` | |
// | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [body] Payload (required) | |
// | |
// Responses: | |
// - 201 (main): Successfully registered | |
// - 409 [EError]: Key already registered `duplicate-key` | |
// - default [EError] | |
function KeyRegister(const Payload: TAuthentiqID): TDtoAuth2; | |
// key_revoke [delete] /key/{PK} | |
// | |
// Description: | |
// Revoke an Identity (Key) with a revocation secret | |
// | |
// Params: | |
// - [path] PK (required): Public Signing Key - Authentiq ID (43 chars) | |
// - [query] Secret (required): revokation secret | |
// | |
// Responses: | |
// - 200 (main): Successful response | |
// - 401 [EError]: Key not found / wrong code `auth-error` | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - default [EError] | |
function KeyRevoke(const PK: RawUtf8; const Secret: RawUtf8): TDtoAuth4; | |
// key_retrieve [get] /key/{PK} | |
// | |
// Description: | |
// Get public details of an Authentiq ID. | |
// | |
// Params: | |
// - [path] PK (required): Public Signing Key - Authentiq ID (43 chars) | |
// | |
// Responses: | |
// - 200 (main): Successfully retrieved | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - 410 [EError]: Key is revoked (gone). `revoked-key` | |
// - default [EError] | |
function KeyRetrieve(const PK: RawUtf8): TDtoAuth5; | |
// [head] /key/{PK} | |
// | |
// Description: | |
// HEAD info on Authentiq ID | |
// | |
// Params: | |
// - [path] PK (required): Public Signing Key - Authentiq ID (43 chars) | |
// | |
// Responses: | |
// - 200 (main): Key exists | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - 410 [EError]: Key is revoked `revoked-key` | |
// - default [EError] | |
procedure HEADInfoOnAuthentiqID(const PK: RawUtf8); | |
// key_update [post] /key/{PK} | |
// | |
// Description: | |
// update properties of an Authentiq ID. | |
// (not operational in v4; use PUT for now) | |
// | |
// v5: POST issuer-signed email & phone scopes in | |
// a self-signed JWT | |
// | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [path] PK (required): Public Signing Key - Authentiq ID (43 chars) | |
// - [body] Payload (required) | |
// | |
// Responses: | |
// - 200 (main): Successfully updated | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - default [EError] | |
function KeyUpdate(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth7; | |
// key_bind [put] /key/{PK} | |
// | |
// Description: | |
// Update Authentiq ID by replacing the object. | |
// | |
// v4: `JWT(sub,email,phone)` to bind email/phone hash; | |
// | |
// v5: POST issuer-signed email & phone scopes | |
// and PUT to update registration `JWT(sub, pk, devtoken, ...)` | |
// | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [path] PK (required): Public Signing Key - Authentiq ID (43 chars) | |
// - [body] Payload (required) | |
// | |
// Responses: | |
// - 200 (main): Successfully updated | |
// - 404 [EError]: Unknown key `unknown-key` | |
// - 409 [EError]: Already bound to another key `duplicate-hash` | |
// - default [EError] | |
function KeyBind(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth9; | |
// ---------------- | |
// DELETE METHODS | |
// ---------------- | |
// sign_delete [delete] /scope/{job} | |
// | |
// Description: | |
// delete a verification job | |
// | |
// Params: | |
// - [path] Job (required): Job ID (20 chars) | |
// | |
// Responses: | |
// - 200 (main): Successfully deleted | |
// - 404 [EError]: Job not found `unknown-job` | |
// - default [EError] | |
function SignDelete(const Job: RawUtf8): TDtoAuth14; | |
// -------------- | |
// POST METHODS | |
// -------------- | |
// push_login_request [post] /login | |
// | |
// Description: | |
// push sign-in request | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [query] Callback (required): URI App will connect to | |
// - [body] Payload (required) | |
// | |
// Responses: | |
// - 200 (main): Successful response | |
// - 401 [EError]: Unauthorized for this callback audience `aud-error` or JWT | |
// should be self-signed `auth-error` | |
// - default [EError] | |
function PushLoginRequest(const Callback: RawUtf8; const Payload: TPushToken): TDtoAuth11; | |
// sign_request [post] /scope | |
// | |
// Description: | |
// scope verification request | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [query] Test: test only mode, using test issuer | |
// - [body] Payload (required) | |
// | |
// Responses: | |
// - 201 (main): Successful response | |
// - 429 [EError]: Too Many Requests on same address / number `rate-limit` | |
// - default [EError] | |
function SignRequest(const Payload: TClaims; Test: integer = 0): TDtoAuth12; | |
// sign_confirm [post] /scope/{job} | |
// | |
// Description: | |
// this is a scope confirmation | |
// | |
// Params: | |
// - [path] Job (required): Job ID (20 chars) | |
// | |
// Responses: | |
// - 202 (main): Successfully confirmed | |
// - 401 [EError]: Confirmation error `auth-error` | |
// - 404 [EError]: Job not found `unknown-job` | |
// - 405 [EError]: JWT POSTed to scope `not-supported` | |
// - default [EError] | |
function SignConfirm(const Job: RawUtf8): TDtoAuth17; | |
// ------------- | |
// GET METHODS | |
// ------------- | |
// sign_retrieve [get] /scope/{job} | |
// | |
// Description: | |
// get the status / current content of a verification job | |
// | |
// Params: | |
// - [path] Job (required): Job ID (20 chars) | |
// | |
// Responses: | |
// - 200 (main): Successful response (JWT) | |
// - 204: Confirmed, waiting for signing | |
// - 404 [EError]: Job not found `unknown-job` | |
// - default [EError] | |
function SignRetrieve(const Job: RawUtf8): TDtoAuth15; | |
// -------------- | |
// HEAD METHODS | |
// -------------- | |
// sign_retrieve_head [head] /scope/{job} | |
// | |
// Description: | |
// HEAD to get the status of a verification job | |
// | |
// Params: | |
// - [path] Job (required): Job ID (20 chars) | |
// | |
// Responses: | |
// - 200: Confirmed and signed | |
// - 204 (main): Confirmed, waiting for signing | |
// - 404 [EError]: Job not found `unknown-job` | |
// - default [EError] | |
procedure SignRetrieveHead(const Job: RawUtf8); | |
// ------------- | |
// PUT METHODS | |
// ------------- | |
// sign_update [put] /scope/{job} | |
// | |
// Description: | |
// authority updates a JWT with its signature | |
// See: https://github.com/skion/authentiq/wiki/JWT-Examples | |
// | |
// Params: | |
// - [path] Job (required): Job ID (20 chars) | |
// | |
// Responses: | |
// - 200 (main): Successfully updated | |
// - 404 [EError]: Job not found `unknown-job` | |
// - 409 [EError]: Job not confirmed yet `confirm-first` | |
// - default [EError] | |
function SignUpdate(const Job: RawUtf8): TDtoAuth18; | |
// access to the associated HTTP/JSON request | |
property JsonClient: IJsonClient | |
read fClient write fClient; | |
end; | |
implementation | |
{ ************ Custom Exceptions } | |
{ EError } | |
constructor EError.CreateResp(const Format: RawUtf8; | |
const Args: array of const; const Resp: TJsonResponse); | |
begin | |
inherited CreateResp(Format, Args, Resp); | |
LoadJson(fError, Resp.Content, TypeInfo(TError)); | |
end; | |
{ ************ Main TAuthClient Class } | |
{ TAuthClient} | |
constructor TAuthClient.Create(const aClient: IJsonClient); | |
begin | |
fClient := aClient; | |
fClient.UrlEncoder := | |
[ueEncodeNames, ueSkipVoidString, ueSkipVoidValue, ueStarNameIsCsv]; | |
end; | |
procedure TAuthClient.OnError1(const Sender: IJsonClient; | |
const Response: TJsonResponse; const ErrorMsg: shortstring); | |
begin | |
raise EError.CreateResp('%.%', [self, ErrorMsg], Response); | |
end; | |
function TAuthClient.KeyRevokeNosecret(const Email: RawUtf8; const Phone: RawUtf8; | |
const Code: RawUtf8): TDtoAuth1; | |
begin | |
fClient.Request('DELETE', '/key', [], [ | |
'email', Email, | |
'phone', Phone, | |
'code', Code], [], | |
result, TypeInfo(TDtoAuth1), OnError1); | |
end; | |
function TAuthClient.KeyRegister(const Payload: TAuthentiqID): TDtoAuth2; | |
begin | |
fClient.Request('POST', '/key', [], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth2), OnError1); | |
end; | |
function TAuthClient.KeyRevoke(const PK: RawUtf8; const Secret: RawUtf8): TDtoAuth4; | |
begin | |
fClient.Request('DELETE', '/key/%', [PK], [ | |
'secret', Secret], [], | |
result, TypeInfo(TDtoAuth4), OnError1); | |
end; | |
function TAuthClient.KeyRetrieve(const PK: RawUtf8): TDtoAuth5; | |
begin | |
fClient.Request('GET', '/key/%', [PK], [], [], | |
result, TypeInfo(TDtoAuth5), OnError1); | |
end; | |
procedure TAuthClient.HEADInfoOnAuthentiqID(const PK: RawUtf8); | |
begin | |
fClient.Request('HEAD', '/key/%', [PK], [], [], OnError1); | |
end; | |
function TAuthClient.KeyUpdate(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth7; | |
begin | |
fClient.Request('POST', '/key/%', [PK], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth7), OnError1); | |
end; | |
function TAuthClient.KeyBind(const PK: RawUtf8; const Payload: TAuthentiqID): TDtoAuth9; | |
begin | |
fClient.Request('PUT', '/key/%', [PK], [], [], | |
Payload, result, TypeInfo(TAuthentiqID), TypeInfo(TDtoAuth9), OnError1); | |
end; | |
function TAuthClient.PushLoginRequest(const Callback: RawUtf8; const Payload: TPushToken): TDtoAuth11; | |
begin | |
fClient.Request('POST', '/login', [], [ | |
'callback', Callback], [], | |
Payload, result, TypeInfo(TPushToken), TypeInfo(TDtoAuth11), OnError1); | |
end; | |
function TAuthClient.SignRequest(const Payload: TClaims; Test: integer): TDtoAuth12; | |
begin | |
fClient.Request('POST', '/scope', [], [ | |
'test', Test], [], | |
Payload, result, TypeInfo(TClaims), TypeInfo(TDtoAuth12), OnError1); | |
end; | |
function TAuthClient.SignDelete(const Job: RawUtf8): TDtoAuth14; | |
begin | |
fClient.Request('DELETE', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth14), OnError1); | |
end; | |
function TAuthClient.SignRetrieve(const Job: RawUtf8): TDtoAuth15; | |
begin | |
fClient.Request('GET', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth15), OnError1); | |
end; | |
procedure TAuthClient.SignRetrieveHead(const Job: RawUtf8); | |
begin | |
fClient.Request('HEAD', '/scope/%', [Job], [], [], OnError1); | |
end; | |
function TAuthClient.SignConfirm(const Job: RawUtf8): TDtoAuth17; | |
begin | |
fClient.Request('POST', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth17), OnError1); | |
end; | |
function TAuthClient.SignUpdate(const Job: RawUtf8): TDtoAuth18; | |
begin | |
fClient.Request('PUT', '/scope/%', [Job], [], [], | |
result, TypeInfo(TDtoAuth18), OnError1); | |
end; | |
end. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// DTOs for Authentiq API | |
// - Strong authentication, without the passwords. | |
// - version 6 | |
// - OpenAPI definition licensed under Apache 2.0 terms | |
unit auth.dto; | |
{$I mormot.defines.inc} | |
interface | |
{ | |
-------------------------------------------------------------------- | |
AUTHENTIQ API DTOs | |
Generated 6 Sep 2024 by ab via mormot2tests - DO NOT MODIFY BY HAND! | |
-------------------------------------------------------------------- | |
} | |
uses | |
classes, | |
sysutils, | |
mormot.core.base, | |
mormot.core.rtti, | |
mormot.core.json; | |
type | |
{ ************ Data Transfert Objects } | |
TDtoAuth1 = packed record | |
// pending or done | |
Status: RawUtf8; | |
end; | |
PDtoAuth1 = ^TDtoAuth1; | |
// from #/components/schemas/Error | |
TError = packed record | |
Detail: RawUtf8; | |
Error: integer; | |
Title: RawUtf8; | |
// unique uri for this error | |
_Type: RawUtf8; | |
end; | |
PError = ^TError; | |
// from #/components/schemas/AuthentiqID | |
TAuthentiqID = packed record | |
// device token for push messages | |
Devtoken: RawUtf8; | |
// UUID and public signing key | |
Sub: RawUtf8; | |
end; | |
PAuthentiqID = ^TAuthentiqID; | |
TDtoAuth2 = packed record | |
// revoke key | |
Secret: RawUtf8; | |
// registered | |
Status: RawUtf8; | |
end; | |
PDtoAuth2 = ^TDtoAuth2; | |
TDtoAuth4 = packed record | |
// done | |
Status: RawUtf8; | |
end; | |
PDtoAuth4 = ^TDtoAuth4; | |
TDtoAuth5 = packed record | |
Since: TDateTime; | |
Status: RawUtf8; | |
// base64safe encoded public signing key | |
Sub: RawUtf8; | |
end; | |
PDtoAuth5 = ^TDtoAuth5; | |
TDtoAuth7 = packed record | |
// confirmed | |
Status: RawUtf8; | |
end; | |
PDtoAuth7 = ^TDtoAuth7; | |
TDtoAuth9 = packed record | |
// confirmed | |
Status: RawUtf8; | |
end; | |
PDtoAuth9 = ^TDtoAuth9; | |
// from #/components/schemas/PushToken | |
TPushToken = packed record | |
// audience (URI) | |
Aud: RawUtf8; | |
Exp: integer; | |
Iat: integer; | |
// issuer (URI) | |
Iss: RawUtf8; | |
Nbf: integer; | |
// UUID and public signing key | |
Sub: RawUtf8; | |
end; | |
PPushToken = ^TPushToken; | |
TDtoAuth11 = packed record | |
// sent | |
Status: RawUtf8; | |
end; | |
PDtoAuth11 = ^TDtoAuth11; | |
// from #/components/schemas/Claims | |
TClaims = packed record | |
Email: RawUtf8; | |
Phone: RawUtf8; | |
// claim scope | |
Scope: RawUtf8; | |
// UUID | |
Sub: RawUtf8; | |
_Type: RawUtf8; | |
end; | |
PClaims = ^TClaims; | |
TDtoAuth12 = packed record | |
// 20-character ID | |
Job: RawUtf8; | |
// waiting | |
Status: RawUtf8; | |
end; | |
PDtoAuth12 = ^TDtoAuth12; | |
TDtoAuth14 = packed record | |
// done | |
Status: RawUtf8; | |
end; | |
PDtoAuth14 = ^TDtoAuth14; | |
TDtoAuth15 = packed record | |
Exp: integer; | |
Field: RawUtf8; | |
// base64safe encoded public signing key | |
Sub: RawUtf8; | |
end; | |
PDtoAuth15 = ^TDtoAuth15; | |
TDtoAuth17 = packed record | |
// confirmed | |
Status: RawUtf8; | |
end; | |
PDtoAuth17 = ^TDtoAuth17; | |
TDtoAuth18 = packed record | |
// result is JWT or JSON?? | |
Jwt: RawUtf8; | |
// ready | |
Status: RawUtf8; | |
end; | |
PDtoAuth18 = ^TDtoAuth18; | |
implementation | |
{ ************ Custom RTTI/JSON initialization } | |
const | |
// exact definition of the DTOs expected JSON serialization | |
_TDtoAuth1 = 'status:RawUtf8'; | |
_TError = 'detail:RawUtf8 error:integer title:RawUtf8 type:RawUtf8'; | |
_TAuthentiqID = 'devtoken:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth2 = 'secret:RawUtf8 status:RawUtf8'; | |
_TDtoAuth4 = 'status:RawUtf8'; | |
_TDtoAuth5 = 'since:TDateTime status:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth7 = 'status:RawUtf8'; | |
_TDtoAuth9 = 'status:RawUtf8'; | |
_TPushToken = 'aud:RawUtf8 exp:integer iat:integer iss:RawUtf8 nbf:integer ' + | |
'sub:RawUtf8'; | |
_TDtoAuth11 = 'status:RawUtf8'; | |
_TClaims = 'email:RawUtf8 phone:RawUtf8 scope:RawUtf8 sub:RawUtf8 type:RawUtf8'; | |
_TDtoAuth12 = 'job:RawUtf8 status:RawUtf8'; | |
_TDtoAuth14 = 'status:RawUtf8'; | |
_TDtoAuth15 = 'exp:integer field:RawUtf8 sub:RawUtf8'; | |
_TDtoAuth17 = 'status:RawUtf8'; | |
_TDtoAuth18 = 'jwt:RawUtf8 status:RawUtf8'; | |
procedure RegisterRtti; | |
begin | |
Rtti.RegisterFromText([ | |
TypeInfo(TDtoAuth1), _TDtoAuth1, | |
TypeInfo(TError), _TError, | |
TypeInfo(TAuthentiqID), _TAuthentiqID, | |
TypeInfo(TDtoAuth2), _TDtoAuth2, | |
TypeInfo(TDtoAuth4), _TDtoAuth4, | |
TypeInfo(TDtoAuth5), _TDtoAuth5, | |
TypeInfo(TDtoAuth7), _TDtoAuth7, | |
TypeInfo(TDtoAuth9), _TDtoAuth9, | |
TypeInfo(TPushToken), _TPushToken, | |
TypeInfo(TDtoAuth11), _TDtoAuth11, | |
TypeInfo(TClaims), _TClaims, | |
TypeInfo(TDtoAuth12), _TDtoAuth12, | |
TypeInfo(TDtoAuth14), _TDtoAuth14, | |
TypeInfo(TDtoAuth15), _TDtoAuth15, | |
TypeInfo(TDtoAuth17), _TDtoAuth17, | |
TypeInfo(TDtoAuth18), _TDtoAuth18]); | |
end; | |
initialization | |
RegisterRtti; | |
end. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment