progress / JSDO

Client side TypeScript library to access Progress® Data Object Services
Other
23 stars 27 forks source link

How to start a JSDO session from existing SSO token #261

Closed hutcj closed 5 years ago

hutcj commented 5 years ago

From the JSDO documentation (https://documentation.progress.com/output/pdo/index.html#page/pdo%2Fchoosing-the-web-server-authentication-model.html%23), 3 authentication types are supported:

Anonymous Basic Form

We have just put together an SSO PASOE authentication endpoint that we are going to use for login to an Angular web application. From there, JSDO calls to return data will still need to be authenticated. Does JSDO support creating a session from an existing SSO token? I've seen there are commits and files in this repository that seem to be focused on implementing SSO, and I see in vscode with autocomplete that AUTH_TYPE_SSO is a valid option.

image

How can we use SSO with the JSDO? Do the JSDO docs just need to be updated or is it not supported?

Other relevant links: https://github.com/progress/JSDO/blob/master/src/auth/progress.auth.sso.js https://github.com/progress/JSDO/commit/62fa3934aabe3074a932f7f29afca3ecb4f0f8d6

zerovian commented 5 years ago

Hi hutcj,

Progress considers the JSDO a community supported product. Progress is ensuring that contributions pass our internal unit tests and will provide review of any submissions that may be made. If you have a contribution you would like to make, please provide a pull request and the Progress team that monitors the JSDO will review it and provide feedback.

The SSO code that you are referring to was put in a couple of years ago. The testing for it was completed, but we did not officially release it. if you care to make use of the SSO functionality, and find an issue we’ll review any pull requests and determine if it should be accepted.

zerovian commented 5 years ago

I'll see if we have some example code we can post that will point you in the right direction.

hutcj commented 5 years ago

Thanks, zerovian 👍

audaciousanil commented 5 years ago

Hi Hutcj,

Here is the quick example on exercising SSO authentication using JSDO. This example uses getSession API of JSDO for establishing session with OpenEdge backend.

Note: This example uses jQuery promises.

progress.util.Deferred.useJQueryPromises = true;

// Variable declarations and assignments var authProvider, // For holding authenticationProvider object info jsdoSession = null, // JSDOSession object myJSDO;

var m_catalogURL = "http:///static/r_Cust_with_Submit.json", m_serviceURI = "http://", m_restURL = myServiceURI = "http://", m_tokenURL = m_restURL, m_resourceName = "r_Cust_with_Submit";

// As we are using two different webapps in this test. One webapp (ROOT) will act like a // service provider and the other webapp (oebal) will act like the Token Provider.

// Assign all values such that we can create valid getSession with this settings object var getSessionSettings = { name: "mygetSession", serviceURI: myServiceURI, authenticationModel: progress.data.Session.AUTH_TYPE_SSO, catalogURI: m_catalogURL, username: "restuser", password: "password", authProviderAuthenticationModel: progress.data.Session.AUTH_TYPE_FORM_SSO, authenticationURI: m_tokenURL + "/oeabl" };

function callgetSession(getSessionSettings) { try { getSessionPromise = new progress.data.getSession(getSessionSettings); getSessionPromise.done(function (session, result) { jsdoSession = session; // Perform fill operation to read data from OpenEdge backend fill(jsdoSession); }); } catch (e) { console.log("Stack Trace: " + e); } }

function fill(jsdoSession) { myJSDO = new progress.data.JSDO(m_resourceName); try { fillPromise = myJSDO.fill('where CustNum <= 2'); fillPromise.done(function (myJSDO, success, request) { console.log(" Display list of the first 2 customers"); myJSDO.ttCustomer.foreach(function (customer) { console.log(" CustNum: " + myJSDO.ttCustomer.CustNum + " Name: " + myJSDO.ttCustomer.Name); }); console.log("* Test: fill() succeeded"); // Dissconnect from the session disconnect(jsdoSession); }); } catch (e) { console.log(" Test Error: Exception in fill() catch: " + e); if (e.stack != undefined) console.log(e.stack); console.log(" Test - getSessionValidParams FAILED"); } }

function disconnect(jsdoSession) {

disconnectPromise = jsdoSession.disconnect();

disconnectPromise.done(function (jsdoSession, result) {
    console.log("* Test: disconnect.done executed");
});

} try { callgetSession(getSessionSettings); } catch (e) { console.log("*** Error msg: " + e); }

Thanks and Regards, Anil Kumar

N8BAUER commented 5 years ago

Hi Anil,

I've been working on implementing this along with Hutchj, but keep running into errors relating to the authProviderAuthenticationModel. Unable to set the property value to progress.data.Session.AUTH_TYPE_FORM_SSO. Also, we're seemingly unable to use to jQuery promises in our Angular build.

On another note, we found this example:[https://github.com/consultingwerk/Angular2JsdoSamples/blob/master/Demo2-JSDO-in-NPM-repo/src/app/app.component.ts] We were having the same issue with the authProviderAuthenticationModel.

audaciousanil commented 5 years ago

Hi N8Bauer,

Which version of JSDO you are using?

I haven't tried above example with Angular.

I am using JSDO 6.0.1 with PASOE server (OpenEdge 12.0) as the backend whose server has two web apps. i.e., one acts like a token server and one for the actual service and am able perform SSO authentication successfully with this configuration.

Thanks and Regards, Anil Kumar

N8BAUER commented 5 years ago

We're using JSDO-Angular and JSDO-Core v 6.0.0. While our Openedge is at v 11.7.4. Also, have the same configuration for server (consumer/producer). Still attempting to find the solution, so if you're aware of any resources you think would be helpful it would be greatly appreciated.

hutcj commented 5 years ago

N8BAUER, We updated when the last version of JSDO was released:

"@progress/jsdo-angular": "^6.0.0", "@progress/jsdo-core": "^6.0.1",