RTC Forums
November 24, 2024, 09:48:45 AM *
Welcome, Guest. Please login or register.

Login with username, password and session length
 
   Home   Help Login Register  
Pages: [1]
  Print  
Author Topic: JSON Web Token (JWT)  (Read 5103 times)
HalcyonLogic
Newbie
*
Posts: 45


« on: January 28, 2014, 12:04:42 AM »

I know this kind of falls outside the scope of RTC, but since I also know there are a bunch of really smart folks on this forum, I am hoping someone could provide some guidance.

To your knowledge, how would one generate a JSON Web Token (JWT) in Delphi?
Are you aware of a Delphi library of some sort?

Thanks in advance.

Richard
Logged
BackDream
Guest
« Reply #1 on: November 01, 2014, 03:02:28 AM »

I think it would be very interesting if the REST/JSON example that's found in the QuickStart subfolder was slightly improved to show how to handle at least Token authentication.
The world is going REST and JSON, and has practically abandoned XML-RPC and SOAP.

I'm sure more and more users would like to build the server app with RealThinClient and the client app with any combination of HTML5/jQuery/Bootstrap/Angular.js/...
I cast my vote (even though this isn't a poll) towards a short-term inclusion of richer REST+JSON examples in the RTC package... and in the longer run I think RTC should provide JSON as one of the selectable "DataFormat" in RTCModule component, with choice of Token/OAuth/OAuth2 authentication, and a true stateless architecture (to parallelize many servers without the need to share session data).
Logged
D.Tkalcec (RTC)
Administrator
*****
Posts: 1881


« Reply #2 on: November 01, 2014, 09:21:50 AM »

According to the information I've found so far on this topic, JSON Web Tokens fall into the scope of cryptography and RTC is not a cryptographic library.

But, I did find an Open Source Delphi Project which seems to have JWT support, so it might help you get started. It looks like that Project is under active development and the author provided his E-Mail address, so you could also try shooting him an E-Mail if you need help. Or ... you could try contacting one of the Delphi cryptography component vendors like StreamSec or Eldos to ask if they have something ready to be used out-of-the-box.

Best Regards,
Danijel Tkalcec
Logged
Henrick (StreamSec)
RTC Partner
*****
Posts: 32


« Reply #3 on: November 01, 2014, 07:28:25 PM »

 A word of warning. There is no standard, or even de facto standard, for JSON Web Token. The most authoritative specification that exists, is an internet draft, which is currently at version 30. The only variant of JWT that most current implementations seem to agree on, is the HMAC-SHA256 variant. This is also fairly easy to implement using ST 2.x or ST 4.0, provided that you already have a working knowledge of JSON.
Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.025 seconds with 17 queries.