Oauth paths fail when API and frontend are not at the same root URL

[diiq]

My situation:

I host my frontend client at one URL. I host my API at a different URL.

When I try to use oAuthPaths to configure the API path for oAuth, the window's root URL (not the apiPath) is prepended to the path I provide.

See angular2-token.service.ts line 519: https://github.com/neroniaky/angular2-token/blob/master/src/angular2-token.service.ts#L519

Unless I'm missing something, as things stand I can't use Angular2-token to oauth at all. Am I doing something wrong, or at least foolish?

---

I'd request that either I be allowed to provide a full URL for oAuthPaths:

this._tokenService.init({
  apiPath: 'http://api.example.com/api/v1',
  oAuthPaths: {
    google: 'http://oauth.another-example.com/auth/google'
   },
})

or that oAuthPaths uses the apiPath as its route:

url = `${this._options.apiBase}/${oAuthPath}`;  // angular2-token.service.ts#L519

...if not all the time, at least optionally.

---

Thanks so much; it's great to see the token-auth torch passed on to angular 2!

[neroniaky]

@diiq thanks for your detailed problem description!

As it stands OAuth does not work with an Rails API app unless you modify your rails backend too (see here and here). @piotrkaczmarek create a PR for devise_token_auth but it it did not get merged yet.

Angular2-Token is quite bad at handling subdomain and full paths at the moment. Something I hope I can improve soon. So, right now your use case is not covered.

[diiq]

Thanks for the prompt reply!

I'll look elsewhere for OAuth support for now.

[alesrosina]

Hey @neroniaky is this still true?

I'm trying to do Google oauth in angular app and it seems like this is still not resolved.

Maybe you just remove the whole oauth options from current version, since it is pretty much not usable (as stated above).

And add into docs, that you recomend using other libraries for this task.

Or am I missing sth?