Play Framework - Proxy request with session authentication
Tag : java , By : Josh Tegart
Date : March 29 2020, 07:55 AM
seems to work fine I used play.libs.WS to make the proxy calls pragmatically. Here's the code. Currently the session is getting lost on every call, but that's a different issue. -Edit - The session getting lost happens because the fav.ico doesn't have a cookie sent with it and Play relies on cookies for the session. I added a check for that, but it's probably better to filter that out in the routes file. package controllers;
import models.PingResponse;
import play.data.Form;
import play.libs.F;
import play.mvc.Controller;
import play.mvc.Result;
import play.libs.WS;
public class Ping extends Controller {
final static String playProxyURL = "http://localhost:9000/"; // pretend this is our proxy domain(should be on port 80)
final static String couchAppURL = "http://localhost:80/couchappTest/"; // pretend this is our internal secure site
final static String pingURL = "http://localhost:80/pingTest/"; // pretend this is ping endpoint
public static Result init() {
return Ping.useProxy("");
}
public static Result useProxy(String assetPath) {
// request for favicon.ico doesn't include cookie :(
if (assetPath.equals("favicon.ico")) {
return ok();
}
if (session("authorized") == null || !session("authorized").equals("true")) {
System.out.println("not auth");
return redirect(pingURL);
} else {
return async(
WS.url(couchAppURL + assetPath).get().map(
new F.Function<WS.Response, Result>() {
public Result apply(WS.Response response) {
return ok(response.getBody()).as(response.getHeader("Content-type"));
}
}
)
);
}
}
public static Result pingCallbackGET(String token, String httpRef) {
if (token == null || token.equals("")) {
return unauthorized();
} else {
System.out.println("auth");
session("authorized", "true");
session("token", token);
}
return redirect(playProxyURL + httpRef);
}
}
|
Authentication loop in django-rest-framework when accessing request.user
Date : March 29 2020, 07:55 AM
may help you . As this document suggests:
|
How do I make an HTTP request to Django Rest Framework with Session Authentication?
Tag : python , By : Singularity
Date : March 29 2020, 07:55 AM
I wish did fix the issue. Found the answer here. The csrftoken is not supposed to be in the request headers for GET. Instead, fetch('/api/workflows', { credentials: 'include' })...
|
How to populate request.auth.isAuthenticated once the authentication is done in subsequent route in HAPI framework?
Date : March 29 2020, 07:55 AM
I wish did fix the issue. You need to call reply and not request.reply, I would write your code like this. server.ext('onRequest', function (request, reply) {
const context = {
token: request.headers['X-ACCESS-TOKEN'] || request.headers['x-access-token'],
clientId: request.headers['X-CLIENT-ID'] || request.headers['x-client-id'],
};
return reply(context);
});
|
Authentication using Azure AD, successful with manual GET request but failing with .net framework app
Date : March 29 2020, 07:55 AM
this one helps. If you are using webapp/api application type, you need to pass the clientSecret to acquire token. Here is the code sample. var authContext = new AuthenticationContext(context.Options.Authority, new NaiveSessionCache(userObjectId, context.HttpContext.Session));
var credential = new ClientCredential(context.Options.ClientId, context.Options.ClientSecret);
var token2 = await authContext.AcquireTokenAsync(context.Options.Resource,credential);
|
Boards Message :
Related QUESTIONS :
