I'm trying to implement a custom authorizer (using ember-cli and ember-cli-simple-auth) but the authorize method is not being called on any requests. The init function is being called and the message that appears in the console when there is no authorizer registered is no longer showing up. Here is the initializer code:
import Ember from 'ember';
import Base from 'simple-auth/authorizers/base';
import ENV from '../config/environment';
ENV['simple-auth'] = ENV['simple-auth'] || {};
ENV['simple-auth'].authorizer = 'authorizer:custom';
ENV['simple-auth'].crossOriginWhiteList = [ENV.NET.API_ENDPOINT];
var CustomAuthorizer = Base.extend({
init: function () {
console.log('Intialize authorizer');
},
authorize: function(jqXHR, requestOptions) {
console.log('Authorize');
var token = this.get('session.token');
if(this.get('session.isAuthenticated') && !Ember.isEmpty(token)) {
authValue = "Token " + token;
jqXHR.setRequestHeader('Authorization', authValue);
}
}
});
export default {
name: 'authorization',
before: 'simple-auth',
initialize: function(container, application) {
console.log('Registered');
container.register('authorizer:custom', CustomAuthorizer);
}
};
Any help would be appreciated.
Problem here was something quite dumb: my casing of crossOriginWhitelist was incorrect.
Related
I have been fiddling with moving a tutorial I did in Vue to Nuxt. I have been able to get everything working, however I feel I'm not doing it the "proper way". I have added the Nuxt axios module, but wasnt able to get it working, so I ended up just using the usual axios npm module. Here is my store:
import Vue from 'vue'
import Vuex from 'vuex'
import axios from 'axios'
import VueAxios from 'vue-axios'
Vue.use(Vuex)
Vue.use(VueAxios, axios)
export const state = () => ({
events: []
})
export const mutations = {
setEvents: (state, events) => {
state.events = events
}
}
export const actions = {
loadEvents: async context => {
let uri = 'http://localhost:4000/events';
const response = await axios.get(uri)
context.commit('setEvents', response.data)
}
}
I would like to know how to re-write this store using the #nuxtjs/axios module. I also didnt think I'd need to import vuex here, but if I dont, my app doesn't work.
Thanks for any help!
Using the #nuxtjs/axios module, you can configure axios inside your nuxt.config.js:
// nuxt.config.js
export default {
modules: [
'#nuxtjs/axios',
],
axios: {
// proxy: true
}
}
You can use it inside your store (or components) with this.$axios
// In store
{
actions: {
async getIP ({ commit }) {
const ip = await this.$axios.$get('http://icanhazip.com')
commit('SET_IP', ip)
}
}
}
After following the Ember-Simple-Auth-Devise installation guide, I came across the following notice on the console:
No authorizer was configured for Ember Simple Auth - specify one if
backend requests need to be authorized.
simple-auth.amd.js:1339
However, I do have the authorizer on the environment which makes me wonder if the culprit is where I placed the code... Also, somehow the Login/Logout on the Ember side is working without any issues.
Original Syntax found on the guide:
//config/environment.js
ENV['simple-auth'] = {
authorizer: 'simple-auth-authorizer:devise'
}
My project environment file:
/* jshint node: true */
module.exports = function(environment) {
var ENV = {
modulePrefix: 'frontend',
environment: environment,
baseURL: '/',
locationType: 'auto',
EmberENV: {
FEATURES: {
// Here you can enable experimental features on an ember canary build
// e.g. 'with-controller': true
}
},
APP: {
// Here you can pass flags/options to your application instance
// when it is created
}
};
if (environment === 'simple-auth') {
authorizer: 'simple-auth-authorizer:devise'
store: 'simple-auth-session-store:local-storage'
}
if (environment === 'development') {
// ENV.APP.LOG_RESOLVER = true;
// ENV.APP.LOG_ACTIVE_GENERATION = true;
// ENV.APP.LOG_TRANSITIONS = true;
// ENV.APP.LOG_TRANSITIONS_INTERNAL = true;
// ENV.APP.LOG_VIEW_LOOKUPS = true;
}
if (environment === 'test') {
// Testem prefers this...
ENV.baseURL = '/';
ENV.locationType = 'none';
// keep test console output quieter
ENV.APP.LOG_ACTIVE_GENERATION = false;
ENV.APP.LOG_VIEW_LOOKUPS = false;
ENV.APP.rootElement = '#ember-testing';
}
if (environment === 'production') {
}
return ENV;
};
Version Information:
DEBUG: Ember : 1.12.0
DEBUG: Ember Data : 1.0.0-beta.18
DEBUG: jQuery : 1.11.3
DEBUG: Ember Simple Auth : 0.8.0
DEBUG: Ember Simple Auth Devise : 0.8.0
Code placement was the issue as I previously misunderstood the guides... By adding the original syntax just before return ENV the issue has been resolved. This is how my environment file looks now:
...
if (environment === 'production') {
}
ENV['simple-auth'] = {
authorizer: 'simple-auth-authorizer:devise'
}
return ENV;
};
Now that I'm looking to use Ember-cli for my front-end, I'd need to use OpenID Connect for authentication and authorisation.
Has anyone done anything like this before?. I couldn't find any examples so far. I came across 'ember-cli-simple-auth', 'ember-cli-simple-auth-oauth2', 'ember-cli-simple-auth-token'.
I'm guessing I should be using 'ember-cli-simple-token'? Has anyone tried this? if so could you point me to any examples/reading resources?
Update: (11 Jul 15 )
I've been looking into 'torii' in particular 'ember-cli-torii-azure-provider'. I could get Authorization code fine, but no Id_Token (I guess its because it isn't asking Azure AD for Id_Token ), looks like I do need to look at writing a new torii provider. As per the Torii documentation,
Torii will lookup providers in the Ember application container, so if you name them conventionally (put them in the app/torii-providers directory) they will be available automatically when using ember-cli or ember app kit.
Does it mean, in my ember-cli project, I need to create 'torii-providers' folder and create the new provider? lets say 'torii-azure-openidconnect.js'?
UPDATE:
I'm trying to create a custom Torii provider for AzureAD OpenID Connect.
I'm getting "Error: The response from the provider is missing these required response params: id_token"
Here is my custom provider :
import Ember from 'ember';
import Oauth2 from 'torii/providers/oauth2-code';
import {configurable} from 'torii/configuration';
var computed = Ember.computed;
/**
* This class implements authentication against AzureAD
* using the OAuth2 authorization flow in a popup window.
* #class
*/
export default Oauth2.extend({
name: 'azure-ad-oidc',
baseUrl: computed(function() {
return 'https://login.windows.net/' + this.get('tennantId') + '/oauth2/authorize';
}),
tennantId: configurable('tennantId', 'common'),
// additional url params that this provider requires
requiredUrlParams: ['api-version','response_mode', 'nonce'],
optionalUrlParams: ['scope'],
responseMode: configurable('responseMode', null),
responseParams: computed(function () {
return [ this.get('responseType') ];
}),
state: 'STATE',
apiVersion: '1.0',
nonce : configurable('nonce', null),
responseType: configurable('responseType', 'null'),
redirectUri: configurable('redirectUri', function(){
// A hack that allows redirectUri to be configurable
// but default to the superclass
return this._super();
}),
open: function(){
var name = this.get('name'),
url = this.buildUrl(),
redirectUri = this.get('redirectUri'),
responseParams = this.get('responseParams'),
responseType = this.get('responseType'),
state = this.get('state'),
shouldCheckState = responseParams.indexOf('state') !== -1;
return this.get('popup').open(url, responseParams).then(function(authData){
var missingResponseParams = [];
responseParams.forEach(function(param){
if (authData[param] === undefined) {
missingResponseParams.push(param);
}
});
if (missingResponseParams.length){
throw new Error("The response from the provider is missing " +
"these required response params: " + missingResponseParams.join(', '));
}
if (shouldCheckState && authData.state !== state) {
throw new Error('The response from the provider has an incorrect ' +
'session state param: should be "' + state + '", ' +
'but is "' + authData.state + '"');
}
return {
authorizationCode: authData[responseType],
provider: name,
redirectUri: redirectUri
};
});
}
});
configuration.js
torii: {
sessionServiceName: 'toriiSession',
providers: {
'azure-ad-oidc' :{
tennantId : 'tenant id',
client_id : 'client_id',
redirectUri : 'http://localhost:4200',
nonce : 'my_nonce',
responseMode : 'form_post',
responseType : 'id_token',
scope : 'openid',
apiKey : ''
}
}
},
routes/application.js
import Ember from 'ember';
export default Ember.Route.extend({
actions: {
azureLogin: function() {
this.get('torii').open('azure-ad-oidc').then(function(data) {
var authCode = this.get('toriiSession.authorizationCode');
console.log(authCode);
});
}
}
});
couldn't workout how to fix this..am I missing anything?
Please see ember-simple-auth-oidc, which implements the Authorization Code Flow of OpenID Connect and integrates with ember-simple-auth.
(I realize that the question has been asked a long time ago, but maybe it helps people who run into this in the future)
I'm trying to write a custom authenticator, similar to the one from this example in the docs. The goal is to be able to retrieve the currently logged in user via session.user.
I'm using Ember CLI, so in initializers/authentication.js I have
import Ember from 'ember';
var customAuthenticator = Ember.SimpleAuth.Authenticators.Devise.extend({
authenticate: function(credentials) {
debugger;
}
});
export default {
name: 'authentication',
initialize: function(container, application) {
Ember.SimpleAuth.Session.reopen({
user: function() {
var userId = this.get('user_id');
if (!Ember.isEmpty(userId)) {
return container.lookup('store:main').find('user', userId);
}
}.property('userId')
});
// register the custom authenticator so the session can find it
container.register('authenticator:custom', customAuthenticator);
Ember.SimpleAuth.setup(container, application, {
routeAfterAuthentication: 'landing-pages',
authorizerFactory: 'ember-simple-auth-authorizer:devise'
});
}
};
When I try to authenticate, I get the following error:
TypeError: Cannot read property 'authenticate' of undefined
at __exports__.default.Ember.ObjectProxy.extend.authenticate
Any idea why?
As of Simple Auth 0.6.4, you can now do something like:
index.html:
window.ENV['simple-auth'] = {
authorizer: 'simple-auth-authorizer:devise',
session: 'session:withCurrentUser'
};
initializers/customize-session.js:
import Ember from 'ember';
import Session from 'simple-auth/session';
var SessionWithCurrentUser = Session.extend({
currentUser: function() {
var userId = this.get('user_id');
if (!Ember.isEmpty(userId)) {
return this.container.lookup('store:main').find('user', userId);
}
}.property('user_id')
});
export default {
name: 'customize-session',
initialize: function(container) {
container.register('session:withCurrentUser', SessionWithCurrentUser);
}
};
You would need to do something like this:
Em.SimpleAuth.Authenticators.OAuth2.reopen
serverTokenEndpoint: "http://myapp.com/token"
authenticate: (credentials) ->
new Em.RSVP.Promise (resolve, reject) =>
data =
grant_type: "password"
username: credentials.identification
password: credentials.password
#makeRequest(data).then (response) =>
# success call
, (xhr, status, error) ->
# fail call
What I think might be happening is that you are registering the authenticator with the application and not the authenticator itself?
The problem is that the AMD build does not currently automatically register the extension libraries' components (see https://github.com/simplabs/ember-simple-auth/issues/198). I'll change that in the next release and will probably also adopt the documentation to be more focussed on the AMD build instead of the browserified version. For the moment you'd have to run this in your initializer
container.register(
'ember-simple-auth-authorizer:devise',
Ember.SimpleAuth.Authorizers.Devise
);
container.register(
'ember-simple-auth-authenticator:devise',
Ember.SimpleAuth.Authenticators.Devise
);
I'm trying to make some basic tests on REST requests I'm doing using Angular $resource.
The service code works just fine.
'use strict';
angular.module('lelylan.services', ['ngResource']).
factory('Device', ['Settings', '$resource', '$http', function(Settings, $resource, $http) {
var token = 'df39d56eaa83cf94ef546cebdfb31241327e62f8712ddc4fad0297e8de746f62';
$http.defaults.headers.common["Authorization"] = 'Bearer ' + token;
var resource = $resource(
'http://localhost:port/devices/:id',
{ port: ':3001', id: '#id' },
{ update: { method: 'PUT' } }
);
return resource;
}]);
I'm using the Device resource inside a directive and it works. The problems comes out
when I start making some tests on the services. Here is a sample test where I mock the
HTTP request using $httpBackend and I make a request to the mocked URL.
Unluckily it does not return anything, although the request is made. I'm sure about this
because if a request to another URL is made, the test suite automatically raises an error.
I've been spending lot of time, but no solutions. Here the test code.
'use strict';
var $httpBackend;
describe('Services', function() {
beforeEach(module('lelylan'));
beforeEach(inject(function($injector) {
var uri = 'http://localhost:3001/devices/50c61ff1d033a9b610000001';
var device = { name: 'Light', updated_at: '2012-12-20T18:40:19Z' };
$httpBackend = $injector.get('$httpBackend');
$httpBackend.whenGET(uri).respond(device)
}));
describe('Device#get', function() {
it('returns a JSON', inject(function(Device) {
device = Device.get({ id: '50c61ff1d033a9b610000001' });
expect(device.name).toEqual('Light');
}));
});
});
As the device is not loaded this is the error.
Expected undefined to equal 'Light'.
Error: Expected undefined to equal 'Light'.
I've tried also using the following solution, but it doesn't get into the function
to check the expectation.
it('returns a JSON', inject(function(Device) {
device = Device.get({ id: '50c61ff1d033a9b610000001' }, function() {
expect(device.name).toEqual('Light');
});
}));
Any suggestion or link to solve this problem is really appreciated.
Thanks a lot.
You were very close, the only thing missing was a call to the $httpBackend.flush();. The working test looks like follows:
it('returns a JSON', inject(function(Device) {
var device = Device.get({ id: '50c61ff1d033a9b610000001' });
$httpBackend.flush();
expect(device.name).toEqual('Light');
}));
and a live test in plunker: http://plnkr.co/edit/Pp0LbLHs0Qxlgqkl948l?p=preview
You might also want to check docs for the $httpBackend mock.
In later versions of angular, I'm using 1.2.0rc1 you also need to call this within a $apply or call $digest on a scope. The resource call isn't made unless you do something like this:
var o, back, scope;
beforeEach(inject(function( $httpBackend, TestAPI,$rootScope) {
o = TestAPI;
back = $httpBackend;
scope = $rootScope.$new();
}));
it('should call the test api service', function() {
back.whenGET('/api/test').respond({});
back.expectGET('/api/test');
scope.$apply( o.test());
back.flush();
});