search

SpoonX / aurelia-authentication

Authentication plugin for aurelia.
http://aurelia-authentication.spoonx.org
MIT License
90 stars 60 forks source link

baseConfig.client.client not defined after baseConfig.configure(authConfig) #399

Closed ollie314 closed 3 years ago

ollie314 commented 6 years ago

Hi, I'm submitting a report about a clarification on the documentation since I'm not sure about the right way to configure my application.

Overview

The documentation gives input about the http client configuration but the configuration is not possible in my case (a simple skelleton for now).

Motivation

I want to know if there is a delta between the actual behavior and the documentation (may be due to code evolution or something like that) as well as I want to be able to correctly configure my application (according to the philosophy of the library's designers). I have to add a custom interceptor and I want to use the .withInterceptor function. I also have to configure credential to update the behavior of the httpClient. This corresponding to a snippet like the following one.

.withDefaults({
        credentials: 'same-origin',
        headers: {
          'Accept': 'application/json',
          'X-Requested-With': 'Fetch'
        }
      })

Version

The version that I'm using is the "aurelia-authentication": "^3.8.1",.

Browser and OS

browser : Chrome Version 67.0.3396.99 (Official Build) (32-bit) OS: Microsoft Windows [Version 6.3.9600] (windows 8 but I'm not sure)

Details

I'm trying to use the plugin to perform oauth tasks and I'm not sure how to understand the documentation.

extracted from documentation https://aurelia-authentication.spoonx.org/configuration.html

With aurelia-fetch-client Aurelia-authentication can be used with the aurelia-fetch-client. [...]

baseConfig.configure(authConfig);
});
/* At this point, baseConfig.client is the aurelia-api Rest client. The HttpClient is the baseConfig.client.client */
baseConfig.client.client /* <- on my impl, at this time, baseConfig.client is null. */
// [...]

It seems that this snippet

if (!(client instanceof _aureliaApi.Rest)) {
    client = new _aureliaApi.Rest(frameworkConfig.container.get(_aureliaFetchClient.HttpClient));
  }
baseConfig.client = client; // client is undefined here

Cannot initialize the HttpClient (it always returns undefined).

To get a defined client, I have to defer the process (setTimeout) to let the initialization's cycle complete.

The other solution proposed also doesn't work for me

With aurelia-api Aurelia-authentication is best used with the endpoints of aurelia-api.


/* configure aurelia-authentication to use above aurelia-api endpoints */
.plugin('aurelia-authentication', baseConfig => {
baseConfig.configure({
endpoint: 'auth',                   // '' for the default endpoint
configureEndpoints: ['auth', 'api'] // '' for the default endpoint
});
    /* At this point, baseConfig.client is the aurelia-api Rest client from the 'auth' endpoint. The HttpClient is baseConfig.client.client */ /* <- on my impl, this assertion is false. */
});

> At this point, baseConfig.client [...]

On my env, the js engine (v8, spidermonkey) indicates the baseConfig object is not defined (which seems correct for me since the it is not defined in the active clojure (is a `var` defined it for the `window` somewhere?),

My configuration
I'm using Webpack and Typescript and I'm using to use an custom oauth server.
I simulate the behavior of our server with auth0 for the test purpose.

Be sure to understand that **we are not using auth0 in production** but a custom oauth server (spring security based implementation).

Since the oauth server is in a restricted area (private cloud) on a close source program, I cannot share the real configuration. In order to simulate the process, I'm using oauth0 like it is a custom provided (meanings with the actual application configuration).

## Reproduce the error
There is no real way to reproduce the error. I provide my project to show the configuration and point out if the concern is on my side.

> Note: I'm facing another issue on the project regarding the OAuth2 protocol (the flow Authorization Code Grant stipulates that the request for the token [oauth/token] must be made with a Content-Type set to `application/x-www-form-urlencoded` which is the reason (or one of the reason, since I'm working on the issue to ensure about the root cause) of the 401 for the second call (request for token)). I'll open an issue for that (and may provide a PR if I can) on this topic when I'm able to understand what happens in my application.
> For step is probably to be able to configure the application correctly :smirk:

## Detail overview of the project
A workspace is available for now (I'll move to code sandbox if its relevant).
Files: https://aurelia-skeleton-4-bg-ollie314.c9users.io
Application: https://preview.c9users.io/ollie314/aurelia-skeleton-4-bg

User: jdoe@mydom.com / Demo123Test!

Thanks for your great job !  :sparkles:
Regards
doktordirk commented 6 years ago

quick note: the fetch-client withDefaults and withInterceptor don't work well as i think they reset some values. better to use our adding defaults and interceptors.push as far as i remember