samedi 8 décembre 2018

How to implement an Ember Simple Auth using an external redirect

Here's my workflow.

  1. User presses a login button.
  2. User is redirected to the API which redirects to a login page on a third party site (ADFS SAML).
  3. User authenticates there, is returned to the API which decodes the response, creates a user and a JWT token (both stored in a datastore), and then redirects the user to Ember with a ?token= query parameter.

What I'd like to do is work this in to a custom ember-simple-auth authenticator (and authorizer?) in order to take advantage of the niceness of session and Authorization headers from there on.

Currently I've hacked an authenticator to do just the redirect to the identity provider. The rest of the API workflow is working. And I'm catching the token in a route on the way back and populating a User resource via a call to the database. But I feel that I'm heading down the wrong (and the long) path.

Any thoughts? Is this something that ember-simple-auth-token is designed for?




Aucun commentaire:

Enregistrer un commentaire