mardi 24 février 2015

ember-simple-auth-oauth2 and ember-cli-0.2.0.beta.1: serverTokenRevocationEndPoint

I'm using the following libraries:



  • ember-cli: 0.2.0.beta.1

  • ember-cli-simple-auth: 0.7.3

  • ember-cli-simple-auth-oauth2: 0.7.3


The simple-auth libs were installed like so:



ember install:addon ember-cli-simple-auth
ember install:addon ember-cli-simple-auth-oauth2


I've been trying to get simple-auth configured with the standard simple-auth Oauth2 authenticator simple-auth-authenticator:oauth2-password-grant which seems to be mandatory to put in my login controller that mixed LoginControllerMixin (not sure why we have the ENV['simple-auth'] = { authenticator: ' ... ' }; option since it's not honored?) and trying to set the following end points:



serverTokenRevocationEndpoint: '/revoke'
serverTokenEndPoint: '/test'


no matter how I put things in the config/environment.js it just doesn't get honored. My end point remains the default /token and the revocation point is not in effect.


Do I need to create a custom Oauth2 authenticator class for my settings to be used?


I thought configuring it would kick off the standard classes and just work, no?


Here's what I have so far:


controllers/login.js 



import Ember from 'ember';
import LoginControllerMixin from 'simple-auth/mixins/login-controller-mixin';

export
default Ember.Controller.extend(LoginControllerMixin, {
  authenticator: 'simple-auth-authenticator:oauth2-password-grant'
});


config/environment.js 



module.exports = function(environment) {

  ...

  if(environment === 'development') {
    // ENV.APP.LOG_RESOLVER = true;
    // ENV.APP.LOG_ACTIVE_GENERATION = true;
    // ENV.APP.LOG_TRANSITIONS = true;
    // ENV.APP.LOG_TRANSITIONS_INTERNAL = true;
    // ENV.APP.LOG_VIEW_LOOKUPS = true;

    ENV['simple-auth'] = {
      authorizer: 'simple-auth-authorizer:oauth2-bearer'
        //serverTokenRevocationEndpoint: '/revoke'
    };

    ENV['simple-auth-oauth2'] = {
      serverTokenEndPoint: '/test',
      serverTokenRevocationEndpoint: '/logout'
    };
  }

  ...

  return ENV;
}


As is, the authenticate method send the request to /token and the invalidateSession invalidates the session but sends no request to the back-end.





Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)