Hello!
I have a problem using the JWT authorization and CRUD endpoints and I would need some help. I've set up an XData server with a service operation (simplified):
function TMyService.Login(const UserName, Password: string): string;
var
  JWT: TJWT;
  Scopes: string;
begin
  if (UserName <> 'test') or (Password <> 'testpass') then
    raise EXDataHttpUnauthorized.Create('Invalid password');
  JWT := TJWT.Create;
  try
    JWT.Claims.SetClaimOfType<string>('user', UserName);
    Scopes := 'terminal';
    JWT.Claims.SetClaimOfType<string>('scope', Scopes);
    JWT.Claims.Issuer := 'My REST server';
    // Sign with HS256; the secret must match TSparkleJwtMiddleware.Secret
    Result := TJOSE.SHA256CompactToken('secretthatonlyikowandwillneverbeknowntoothers', JWT);
  finally
    JWT.Free;
  end;
end;
Note: The CompactToken uses the same secret as declared in TSparkleJwtMiddleware.Secret.
Aurelius entity sample
uses
  SysUtils,
  Generics.Collections,
  Aurelius.Mapping.Attributes,
  XData.Security.Attributes,
  Aurelius.Types.Blob,
  Aurelius.Types.DynamicProperties,
  Aurelius.Types.Nullable,
  Aurelius.Types.Proxy,
  Aurelius.Dictionary.Classes,
  Aurelius.Linq;
...
  [Entity]
  [Table('Dasy')]
  [Id('FId', TIdGenerator.None)]
  [EntityAuthorize(EntitySetPermissionsAll)]
  TDay = class
  private
    [Column('Id', [TColumnProp.Required])]
    FId: Integer;
    [Column('Name', [TColumnProp.Required], 20)]
    FName: string;
  public
    property Id: Integer read FId write FId;
    property Name: string read FName write FName;
  end;
I try to access the entity with Postman: I call the Login service operation and get the JWT token:
{
  "value": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoia2FtaWpvbmNpbiIsInNjb3BlIjoidGVybWluYWwiLCJpc3MiOiJLYW1pb25jaW4gUkVTVCBzZXJ2ZXIifQ.wag2XpBYpfjyJGQKNVJNDBcnxP-R_dTF5Iq3-g6jbLw"
}
but when I try to get the entity TDay I get the error:
{
  "error": {
    "code": "InsufficientPermissions",
    "message": "You do not have enough permissions to perform this action"
  }
}
Here's the code on the client side, used to get the token; I get the same error as in Postman:
procedure TmodMain.connServerRequest(Args: TXDataWebConnectionRequest);
begin
  // Attach the stored token as a Bearer credential on every request
  if Self.AuthToken <> '' then
    Args.Request.Headers.SetValue('Authorization', 'Bearer ' + AuthToken);
end;
I checked the XData JWT demo and I think I've done the same in my app, I also checked the forum, but I just can't find what I'm doing wrong.
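An added check, written here in Python and not taken from the post or from TMS XData: it decodes the header and claims of the token the Login operation returned (no key needed) so you can see which claims the server actually put in it, and it verifies the HS256 signature against a secret so you can confirm that the token the client sends was signed with the same value as TSparkleJwtMiddleware.Secret. The token constant is the one from the post; the secrets and the claims passed to the mint helper are constructed.

```python
import base64
import hashlib
import hmac
import json

# Token returned by the Login operation in the post above (copied from the page).
PAGE_TOKEN = (
    "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9."
    "eyJ1c2VyIjoia2FtaWpvbmNpbiIsInNjb3BlIjoidGVybWluYWwiLCJpc3MiOiJLYW1pb25jaW4gUkVTVCBzZXJ2ZXIifQ."
    "wag2XpBYpfjyJGQKNVJNDBcnxP-R_dTF5Iq3-g6jbLw"
)


def _b64url_decode(segment: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def decode_claims(token: str) -> dict:
    """Header and payload of a compact JWT, without checking the signature."""
    header_b64, payload_b64, _ = token.split(".")
    return {"header": json.loads(_b64url_decode(header_b64)),
            "payload": json.loads(_b64url_decode(payload_b64))}


def verify_hs256(token: str, secret: str) -> bool:
    """True only if the signature was made with `secret` using HS256."""
    header_b64, payload_b64, sig_b64 = token.split(".")
    if json.loads(_b64url_decode(header_b64)).get("alg") != "HS256":
        return False  # refuse tokens that ask for another algorithm
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    expected = hmac.new(secret.encode("utf-8"), signing_input, hashlib.sha256).digest()
    return hmac.compare_digest(expected, _b64url_decode(sig_b64))


def mint_hs256(claims: dict, secret: str) -> str:
    """Build a compact HS256 token (constructed helper for round-trip checks)."""
    encode = lambda obj: _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())
    header_b64, payload_b64 = encode({"typ": "JWT", "alg": "HS256"}), encode(claims)
    signing_input = f"{header_b64}.{payload_b64}".encode("ascii")
    sig = hmac.new(secret.encode("utf-8"), signing_input, hashlib.sha256).digest()
    return f"{header_b64}.{payload_b64}.{_b64url_encode(sig)}"
```

Run decode_claims on the token Postman receives and compare the listed claims with what the EntityAuthorize attribute expects; run verify_hs256 with the middleware's secret to rule out a secret mismatch between the Login operation and TSparkleJwtMiddleware.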