(Delphi ActiveX) Azure Fetch OpenID Connect metadata document

See more OIDC Examples

Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.

For more information, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc

Chilkat for Delphi Downloads Chilkat ActiveX DLL for Delphi Chilkat non-ActiveX DLL for Delphi * The examples here use the ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Chilkat_TLB;

...

procedure TForm1.Button1Click(Sender: TObject);
var
http: TChilkatHttp;
success: Integer;
resp: IChilkatHttpResponse;
json: TChilkatJsonObject;
strVal: WideString;
token_endpoint: WideString;
jwks_uri: WideString;
issuer: WideString;
request_uri_parameter_supported: Integer;
userinfo_endpoint: WideString;
authorization_endpoint: WideString;
device_authorization_endpoint: WideString;
http_logout_supported: Integer;
frontchannel_logout_supported: Integer;
end_session_endpoint: WideString;
kerberos_endpoint: WideString;
tenant_region_scope: WideString;
cloud_instance_name: WideString;
cloud_graph_host_name: WideString;
msgraph_host: WideString;
rbac_url: WideString;
i: Integer;
count_i: Integer;

begin
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

http := TChilkatHttp.Create(Self);

http.Accept := 'application/json';

// See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
// The "tenant" can take one of four values described in the documentation at the link above.

success := http.SetUrlVar('tenant','6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd');
resp := http.QuickRequest('GET','https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration');
if (http.LastMethodSuccess <> 1) then
  begin
    Memo1.Lines.Add(http.LastErrorText);
    Exit;
  end;

Memo1.Lines.Add('Response Status Code: ' + IntToStr(resp.StatusCode));

json := TChilkatJsonObject.Create(Self);
json.Load(resp.BodyStr);
json.EmitCompact := 0;
Memo1.Lines.Add(json.Emit());

if (resp.StatusCode <> 200) then
  begin
    Memo1.Lines.Add('Failed.');

    Exit;
  end;

// Sample output...
// (See the parsing code below..)
// 
// Use the this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

// {
//   "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
//   "token_endpoint_auth_methods_supported": [
//     "client_secret_post",
//     "private_key_jwt",
//     "client_secret_basic"
//   ],
//   "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
//   "response_modes_supported": [
//     "query",
//     "fragment",
//     "form_post"
//   ],
//   "subject_types_supported": [
//     "pairwise"
//   ],
//   "id_token_signing_alg_values_supported": [
//     "RS256"
//   ],
//   "response_types_supported": [
//     "code",
//     "id_token",
//     "code id_token",
//     "id_token token"
//   ],
//   "scopes_supported": [
//     "openid",
//     "profile",
//     "email",
//     "offline_access"
//   ],
//   "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
//   "request_uri_parameter_supported": false,
//   "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
//   "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
//   "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
//   "http_logout_supported": true,
//   "frontchannel_logout_supported": true,
//   "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
//   "claims_supported": [
//     "sub",
//     "iss",
//     "cloud_instance_name",
//     "cloud_instance_host_name",
//     "cloud_graph_host_name",
//     "msgraph_host",
//     "aud",
//     "exp",
//     "iat",
//     "auth_time",
//     "acr",
//     "nonce",
//     "preferred_username",
//     "name",
//     "tid",
//     "ver",
//     "at_hash",
//     "c_hash",
//     "email"
//   ],
//   "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
//   "tenant_region_scope": "NA",
//   "cloud_instance_name": "microsoftonline.com",
//   "cloud_graph_host_name": "graph.windows.net",
//   "msgraph_host": "graph.microsoft.com",
//   "rbac_url": "https://pas.windows.net"
// }

token_endpoint := json.StringOf('token_endpoint');
jwks_uri := json.StringOf('jwks_uri');
issuer := json.StringOf('issuer');
request_uri_parameter_supported := json.BoolOf('request_uri_parameter_supported');
userinfo_endpoint := json.StringOf('userinfo_endpoint');
authorization_endpoint := json.StringOf('authorization_endpoint');
device_authorization_endpoint := json.StringOf('device_authorization_endpoint');
http_logout_supported := json.BoolOf('http_logout_supported');
frontchannel_logout_supported := json.BoolOf('frontchannel_logout_supported');
end_session_endpoint := json.StringOf('end_session_endpoint');
kerberos_endpoint := json.StringOf('kerberos_endpoint');
tenant_region_scope := json.StringOf('tenant_region_scope');
cloud_instance_name := json.StringOf('cloud_instance_name');
cloud_graph_host_name := json.StringOf('cloud_graph_host_name');
msgraph_host := json.StringOf('msgraph_host');
rbac_url := json.StringOf('rbac_url');
i := 0;
count_i := json.SizeOfArray('token_endpoint_auth_methods_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('token_endpoint_auth_methods_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('response_modes_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('response_modes_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('subject_types_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('subject_types_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('id_token_signing_alg_values_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('id_token_signing_alg_values_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('response_types_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('response_types_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('scopes_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('scopes_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := json.SizeOfArray('claims_supported');
while i < count_i do
  begin
    json.I := i;
    strVal := json.StringOf('claims_supported[i]');
    i := i + 1;
  end;
end;