spoonx / aurelia-authentication Goto Github PK
View Code? Open in Web Editor NEWAuthentication plugin for aurelia.
Home Page: http://aurelia-authentication.spoonx.org
License: MIT License
Authentication plugin for aurelia.
Home Page: http://aurelia-authentication.spoonx.org
License: MIT License
We should use import {Redirect} from 'aurelia-router';
instead of using window.location
for SPA redirects (as eluded to here). This will:
loginRoute
configuration option)Perhaps allow authentication to be linked up with ORM?
.getMe() could return a User entity (for instance).
related to #53
add a convenient way to have users provide their own
And compare with jwt.decode libs
add 'fake' typings like aurelia
Since the Aurelia team updated some packages, my aurelia-auth
has broken, and I can't figure out if it's me doing things wrong, or if there's a bug in aurelia-auth
or the aurelia
code base..
Any clues would be very much appreciated!
This happens on page loading, just after loading the nav-bar.html
(DEBUG [templating] importing resources for http://localhost:9000/dist/nav-bar.html []
):
Unhandled promise rejection TypeError: Cannot read property 'filter' of undefined
at AuthFilterValueConverter.toView (http://localhost:9000/jspm_packages/github/spoonx/aurelia-auth@master/authFilter.js:22:26)
at ValueConverter.evaluate (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-binding.js:1121:33)
at Binding.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-binding.js:4600:36)
at Controller.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:2745:19)
at View.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:847:24)
at Controller.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:2766:19)
at View.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:847:24)
at Controller.bind (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:2766:19)
at Controller.automate (http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:2712:12)
at http://localhost:9000/jspm_packages/npm/[email protected]/aurelia-templating.js:3733:22
(anonymous function) @ es6.promise.js:151
module.exports @ _invoke.js:5queue.
(anonymous function) @ _task.js:36
run @ _task.js:23
listner @ _task.js:27
The es6.promise.js
and associated stuff is all from core-js v 2.0.3, which it seems the Aurelia team is moving to..
I'm stumped, so hope you have some clues..
In the Quick Start (http://aurelia-authentication.spoonx.org/Quick%20start.html) in the "Provide a UI for a logon, Signup and Profile" section it states "See aurelia-authentication-samples for more details."
Where's aurelia-authentication-samples located? Is there a working sample application to download?
some parts of authUtils might be replacable with aurelia-oath
http://aurelia.io/docs.html#/aurelia/path/1.0.0-beta.1.1.1/doc/api/overview
The baseUrl gets overwritten. That's not cool; inherit the default and allow for optionally passing along an instance on configure.
add dependency entries as there are for jspm
I've asked the question myself and I've seen it asked at least twice since. Save yourselves some time and stick it in the README!
See here for comments: https://gitter.im/SpoonX/Dev?at=56e7dd5e618c335373ebf2dc
This repository was originally a fork of paulvanbladel/aurealia-auth. It was forked when the original repository was in a period of inactivity, and later made into a repository of it's own. As such we often get asked how this repository differs from the original. So, at the time of writing the differences are as follows:
Aside: Public SpoonX repositories are open to the community and actively maintained and used by the SpoonX company. They follow a strict deploy cycle with reviews and follow semantic versioning. This ensures code quality control and long term commitment.
As per subject,
this happens because the popup (pollPopup) check for the host only
https://github.com/SpoonX/aurelia-auth/blob/master/src/popup.js#L81
A solution may be to check for the path too
var documentOrigin = document.location.host + document.location.pathname;
var popupWindowOrigin = self.popupWindow.location.host + self.popupWindow.location.pathname;
with all those deprecated messages it becomes really neccessary
so RedirectToRoute('login) instead of Redirect('#/login)
Following #93 I wonder if we could change something else. The whole token nesting by using Prop => Root => Name
is more than a bit sucky. Without reading the comments the options are unclear and the names don't flow Root isn't the root.
Anyone have a better solution? I considered a single property that represents the path some.pathTo.theToken
but I'm not sure how easy that is to unwrap or if that is less flexible for some reason.
spoonx/aurelia-api is injected in several files, but is not a listed JSPM dependency in package.json.
separately installing it is required.
Also you can remove the legacy "aurelia-http-client" dependency while you are in there, as I believe you solely rely on fetch client now.
Hi guys,
installing aurelia-authentication and aurelia-api breaks my tests (not my app). I think this is somehow related to the dependencies. I have the following in package.json:
"aurelia-api": "github:SpoonX/aurelia-api@^2.2.0",
"aurelia-authentication": "github:SpoonX/aurelia-authentication@^2.1.1",
This generates a config.js with three entries:
"github:SpoonX/[email protected]": {
"github:SpoonX/[email protected]": {
"github:spoonx/[email protected]": {
My jspm_packages only has a SpoonX directory. Karma gives me the following error:
15 04 2016 19:51:30.411:WARN [web-server]: 404: /base/jspm_packages/github/spoonx/[email protected]
15 04 2016 19:51:30.433:WARN [web-server]: 404: /base/jspm_packages/github/spoonx/[email protected]/aurelia-api.js
Chrome 49.0.2623 (Windows 8.1 0.0.0) ERROR: 'Potentially unhandled rejection [8] Error: XHR error (404 Not Found) loading http://localhost:9876/base/jspm_packages/github/spoonx/[email protected]
at error (http://localhost:9876/base/jspm_packages/system.src.js?6536115be64e0ff966e05546f7767676fa7c03d6:1020:16)
at XMLHttpRequest.xhr.onreadystatechange (http://localhost:9876/base/jspm_packages/system.src.js?6536115be64e0ff966e05546f7767676fa7c03d6:1028:13)'
Any advice? NPM install of auth is not possible at the moment because of some install errors (see #81).
You know
My bundle is missing authFilter:
...
"github:polymer/[email protected]/MutationObserver.js",
"github:spoonx/[email protected]",
"github:spoonx/[email protected]/config.js",
"github:spoonx/[email protected]/endpoint.js",
"github:spoonx/[email protected]/index.js",
"github:spoonx/[email protected]/rest.js",
"github:spoonx/[email protected]",
"github:spoonx/[email protected]/app.fetch-httpClient.config.js",
"github:spoonx/[email protected]/authService.js",
"github:spoonx/[email protected]/authUtils.js",
"github:spoonx/[email protected]/authentication.js",
"github:spoonx/[email protected]/authorizeStep.js",
"github:spoonx/[email protected]/baseConfig.js",
"github:spoonx/[email protected]/index.js",
"github:spoonx/[email protected]/oAuth1.js",
"github:spoonx/[email protected]/oAuth2.js",
"github:spoonx/[email protected]/popup.js",
"github:spoonx/[email protected]/storage.js",
"npm:[email protected]",
...
authFilter is required here: https://github.com/SpoonX/aurelia-auth/blob/e62c9eb9d39d674cc218ea390fa87600b7346c9f/src/index.js#L16
But is not imported, thus not bundled and so results in a 404.
I assume you just need to add import './authFilter';
to fix this.
Given that Satellizer didn't support Azure AD, does your library inherit this limitation?
sahat/satellizer#433
sahat/satellizer#453
From: Sahat Yalkabov [mailto:[email protected]]
Sent: Friday, 10 July 2015 2:37 PM
To: sahat/satellizer
Cc: nigel-dewar
Subject: Re: [satellizer] Azure AD ? (#453)I have decided not to add Azure AD authentication after all. It was the most frustrating experience. Their single sign-on process is either broken or just so horribly unintuitive. I couldn't even get past sign in popup to get authorization code. The page kept redirecting back after clicking on my account to https://login.microsoftonline.com/common/reprocess?sessionId=....... And if I were to log out I couldn't get to sign-in at all. When I enter an email and press TAB to enter a password, it automatically tries to sign you in, it then redirects to microsoft login, after logging in there, it redirects me back to Azure login. And the cycle repeats.
The readme is waaaaay way too long. For a module of this size, I think it's best to break it up into smaller documents. I have two suggestions:
doc/
dirMy preference is option 2, because the wiki is a decent place to put this.
i don't like that auth is added to the route instead of config.auth as i think it's supposed to be. breaking change, i know, but i'd still like it changed. could support both for some time
currently dirty checked. that'd better change
when installing aurelia-authentication from jspm it fails with this log
C:\Users\Alfred\Source\Projects\ElyfeASP4\ElyfeGh\src\Elyfe.Web> jspm install aurelia-authentication
Updating registry cache...
Looking up npm:aurelia-authentication
Downloading npm:[email protected]
warn Error on processPackageConfig
Package.json dependency aurelia-dependency-injection set to npm:aurelia-dependency-injection@^1.0.0-beta.1.2.0, whi
ch is not a valid dependency format for npm.
It's advisable to publish jspm-style packages to GitHub or another registry so conventions are clear.
err Error: Error processing package config for npm:aurelia-authentication.
at C:\Users\Alfred\Source\Projects\ElyfeASP4\ElyfeGh\src\Elyfe.Web\node_modules\jspm\node_modules\systemjs-builder\lib\builder.js:27:9
at Object.lib$rsvp$events$$default.trigger (C:\Users\Alfred\Source\Projects\ElyfeASP4\ElyfeGh\src\Elyfe.Web\node_modules\rsvp\dist\rsvp.js:245:13)
at null._onTimeout (C:\Users\Alfred\Source\Projects\ElyfeASP4\ElyfeGh\src\Elyfe.Web\node_modules\rsvp\dist\rsvp.js:779:47)
at Timer.listOnTimeout (timers.js:92:15)
err Error processing package config for npm:aurelia-authentication.
ProjectRoot> jspm install aurelia-authentication
Updating registry cache...
Looking up npm:aurelia-authentication
Downloading npm:[email protected]
warn Error on processPackageConfig
Package.json dependency aurelia-dependency-injection set to npm:aurelia-dependency-injection@^1.0.0-beta.1.2.0, which is not a valid dependency format for npm.
It's advisable to publish jspm-style packages to GitHub or another registry so conventions are clear.
err Error: Error processing package config for npm:aurelia-authentication.
at ProjectRoot\node_modules\jspm\node_modules\systemjs-builder\lib\builder.js:27:9
at Object.lib$rsvp$events$$default.trigger (ProjectRoot\node_modules\rsvp\dist\rsvp.js:245:13)
at null._onTimeout (ProjectRoot\node_modules\rsvp\dist\rsvp.js:568:47)
at Timer.listOnTimeout (timers.js:92:15)
err Error processing package config for npm:aurelia-authentication.
warn Installation changes not saved.
basics are simple. just delete the config map entry before travis jspm install
send logout to server for those who want that. easy to do and no harm done
Yammer has OAuth 2 authentication but I can't make it work.
https://developer.yammer.com/docs/oauth-2
Is it supported?
Do you have an example of how should I config?
Thanks
{email: email, password: password}
, while my server expects a username key as a parameter for authentication.if that's possible. i'll have a try on it
so much repetition
So the gist here is if I click a link, and it turns out for whatever reason I'm not/no longer authenticated, I get redirected to the login... fine. But when I login, I get redirected back to home or wherever that is statically configured in my authentication settings. It would be good if we could support redirecting back to the original page I wanted to reach.
I actually wanted to submit a PR for this, I started fiddling, and essentially I can make it work... but to make it right, I need to understand a little more about the getAllInstructions() method. How/why would there be multiple instructions in one navigation? If you guys can give the help with this context, I'll happily submit my PR for this.
I saw on the sahat/satlelizer repo that they have the ability to prevent the authorization token on a per request basis like so:
How can I avoid sending Authorization header on all HTTP requests?
By default, once user is authenticated, JWT will be sent on every request. If you would like to prevent > that, you could use skipAuthorization option in your $http request. For example:
$http({ method: 'GET', url: '/api/endpoint', skipAuthorization: true // `Authorization: Bearer <token>` will not be sent on this request. });
Is this something that could be added to aurelia-auth?
I think the OAuth2 spec prefers that login token requests are sent with Content-Type: application/x-www-form-urlencoded - often with a grant_type value as well.
I can't see an easy way to do this with aurelia-auth, but I may be missing something.
I'm trying to call a .Net Web Api with OWIN for all the auth stuff, and I don't have a lot of flexibility on the type of requests that will be accepted.
Hey guys,
So LinkedIn fails to authorize if redirect_uri
value is not encoded. I am getting around it by overriding redirectUri
property in the configuration file. For example
redirectUri: encodeURI(window.location.origin || window.location.protocol + '//' + window.location.host)
You guys may want to support it by default
toString makes everything just to {} or so.
Just to make the config slightly easier, allow the accessTokenProp to be specified as (examples):
Just a suggestion :)
fix on build branch
have look at 4cfe33b
and if it's fine i recommend changing master to dev, build to master (+default) and releasing 2.1.1
It would be a lot easier to handle on the server side if there was an optional separate url route for the refresh token request.
I have a webpack-based aurelia project. I installed aurelia-authentication using npm i aurelia-authentication
.
WebPack (via npm run dev
) complains about not being able to find spoonx/aurelia-api
:
ERROR in ./~/aurelia-authentication/dist/commonjs/aurelia-authentication.js
Module not found: Error: Cannot resolve module 'spoonx/aurelia-api' in /Users/mspencer/Developer/Lelander/skills/webapp/node_modules/aurelia-authentication/dist/commonjs
@ ./~/aurelia-authentication/dist/commonjs/aurelia-authentication.js 12:18-47
ERROR in ./~/aurelia-authentication/dist/commonjs/app.fetch-httpClient.config.js
Module not found: Error: Cannot resolve module 'spoonx/aurelia-api' in /Users/mspencer/Developer/Lelander/skills/webapp/node_modules/aurelia-authentication/dist/commonjs
@ ./~/aurelia-authentication/dist/commonjs/app.fetch-httpClient.config.js 22:18-47
to manually set tokens
we should have a look at those again for issues and ideas
Hi
I just implemented auth0-lock integration in my fork, to use in my latest app. This is the commit:
pfurini@17ed43a
It is a bit rough, and I don't know how to implement proper testing for this, but at least it works..
Key points:
Let me know if anyone is interested in merging this, and what can be done to improve it (especially how to implement tests).
Thx
UPDATE: I changed the commit, the old one was wrong. The relevant files are only auth0Lock.js (added) and authentication.js (changed).
Across spoonx libraries you have changed lib references from github:/spoonx/* to just npm:*
There are still references in /dist/* sources to 'spoonx/aurelia-api' in this project so it's still loading that old reference as a dependency.
Configure accept config based on paulvanbladel/aurelia-auth#71
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.