(Delphi DLL) Azure Fetch OpenID Connect metadata document

See more OIDC Examples

Downloads the OpenID Connect self-discovery document for an Azure OIDC enabled app.

For more information, see https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc

Chilkat for Delphi Downloads Chilkat non-ActiveX DLL for Delphi Chilkat ActiveX DLL for Delphi * The examples here use the non-ActiveX DLL.

uses
    Winapi.Windows, Winapi.Messages, System.SysUtils, System.Variants, System.Classes, Vcl.Graphics,
    Vcl.Controls, Vcl.Forms, Vcl.Dialogs, Vcl.StdCtrls, Http, HttpResponse, JsonObject;

...

procedure TForm1.Button1Click(Sender: TObject);
var
http: HCkHttp;
success: Boolean;
resp: HCkHttpResponse;
json: HCkJsonObject;
strVal: PWideChar;
token_endpoint: PWideChar;
jwks_uri: PWideChar;
issuer: PWideChar;
request_uri_parameter_supported: Boolean;
userinfo_endpoint: PWideChar;
authorization_endpoint: PWideChar;
device_authorization_endpoint: PWideChar;
http_logout_supported: Boolean;
frontchannel_logout_supported: Boolean;
end_session_endpoint: PWideChar;
kerberos_endpoint: PWideChar;
tenant_region_scope: PWideChar;
cloud_instance_name: PWideChar;
cloud_graph_host_name: PWideChar;
msgraph_host: PWideChar;
rbac_url: PWideChar;
i: Integer;
count_i: Integer;

begin
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

http := CkHttp_Create();

CkHttp_putAccept(http,'application/json');

// See the Microsoft Azure OIDC documentation at https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc
// The "tenant" can take one of four values described in the documentation at the link above.

success := CkHttp_SetUrlVar(http,'tenant','6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd');
resp := CkHttp_QuickRequest(http,'GET','https://login.microsoftonline.com/{$tenant}/v2.0/.well-known/openid-configuration');
if (CkHttp_getLastMethodSuccess(http) <> True) then
  begin
    Memo1.Lines.Add(CkHttp__lastErrorText(http));
    Exit;
  end;

Memo1.Lines.Add('Response Status Code: ' + IntToStr(CkHttpResponse_getStatusCode(resp)));

json := CkJsonObject_Create();
CkJsonObject_Load(json,CkHttpResponse__bodyStr(resp));
CkJsonObject_putEmitCompact(json,False);
Memo1.Lines.Add(CkJsonObject__emit(json));

if (CkHttpResponse_getStatusCode(resp) <> 200) then
  begin
    Memo1.Lines.Add('Failed.');
    CkHttpResponse_Dispose(resp);
    Exit;
  end;

CkHttpResponse_Dispose(resp);

// Sample output...
// (See the parsing code below..)
// 
// Use the this online tool to generate parsing code from sample JSON: 
// Generate Parsing Code from JSON

// {
//   "token_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/token",
//   "token_endpoint_auth_methods_supported": [
//     "client_secret_post",
//     "private_key_jwt",
//     "client_secret_basic"
//   ],
//   "jwks_uri": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/discovery/v2.0/keys",
//   "response_modes_supported": [
//     "query",
//     "fragment",
//     "form_post"
//   ],
//   "subject_types_supported": [
//     "pairwise"
//   ],
//   "id_token_signing_alg_values_supported": [
//     "RS256"
//   ],
//   "response_types_supported": [
//     "code",
//     "id_token",
//     "code id_token",
//     "id_token token"
//   ],
//   "scopes_supported": [
//     "openid",
//     "profile",
//     "email",
//     "offline_access"
//   ],
//   "issuer": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/v2.0",
//   "request_uri_parameter_supported": false,
//   "userinfo_endpoint": "https://graph.microsoft.com/oidc/userinfo",
//   "authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/authorize",
//   "device_authorization_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/devicecode",
//   "http_logout_supported": true,
//   "frontchannel_logout_supported": true,
//   "end_session_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/oauth2/v2.0/logout",
//   "claims_supported": [
//     "sub",
//     "iss",
//     "cloud_instance_name",
//     "cloud_instance_host_name",
//     "cloud_graph_host_name",
//     "msgraph_host",
//     "aud",
//     "exp",
//     "iat",
//     "auth_time",
//     "acr",
//     "nonce",
//     "preferred_username",
//     "name",
//     "tid",
//     "ver",
//     "at_hash",
//     "c_hash",
//     "email"
//   ],
//   "kerberos_endpoint": "https://login.microsoftonline.com/6d8ddd66-68d1-44b0-af5c-e31b4b7ee5cd/kerberos",
//   "tenant_region_scope": "NA",
//   "cloud_instance_name": "microsoftonline.com",
//   "cloud_graph_host_name": "graph.windows.net",
//   "msgraph_host": "graph.microsoft.com",
//   "rbac_url": "https://pas.windows.net"
// }

token_endpoint := CkJsonObject__stringOf(json,'token_endpoint');
jwks_uri := CkJsonObject__stringOf(json,'jwks_uri');
issuer := CkJsonObject__stringOf(json,'issuer');
request_uri_parameter_supported := CkJsonObject_BoolOf(json,'request_uri_parameter_supported');
userinfo_endpoint := CkJsonObject__stringOf(json,'userinfo_endpoint');
authorization_endpoint := CkJsonObject__stringOf(json,'authorization_endpoint');
device_authorization_endpoint := CkJsonObject__stringOf(json,'device_authorization_endpoint');
http_logout_supported := CkJsonObject_BoolOf(json,'http_logout_supported');
frontchannel_logout_supported := CkJsonObject_BoolOf(json,'frontchannel_logout_supported');
end_session_endpoint := CkJsonObject__stringOf(json,'end_session_endpoint');
kerberos_endpoint := CkJsonObject__stringOf(json,'kerberos_endpoint');
tenant_region_scope := CkJsonObject__stringOf(json,'tenant_region_scope');
cloud_instance_name := CkJsonObject__stringOf(json,'cloud_instance_name');
cloud_graph_host_name := CkJsonObject__stringOf(json,'cloud_graph_host_name');
msgraph_host := CkJsonObject__stringOf(json,'msgraph_host');
rbac_url := CkJsonObject__stringOf(json,'rbac_url');
i := 0;
count_i := CkJsonObject_SizeOfArray(json,'token_endpoint_auth_methods_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'token_endpoint_auth_methods_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'response_modes_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'response_modes_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'subject_types_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'subject_types_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'id_token_signing_alg_values_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'id_token_signing_alg_values_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'response_types_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'response_types_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'scopes_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'scopes_supported[i]');
    i := i + 1;
  end;

i := 0;
count_i := CkJsonObject_SizeOfArray(json,'claims_supported');
while i < count_i do
  begin
    CkJsonObject_putI(json,i);
    strVal := CkJsonObject__stringOf(json,'claims_supported[i]');
    i := i + 1;
  end;

CkHttp_Dispose(http);
CkJsonObject_Dispose(json);

end;