0
votes

Get an [error="unauthorized", error_description="Full authentication is required to access this resource"] when trying to connect the ember app to oauth2 authenication service. Any suggestions will be greatly appreciated. I have spend couple of days trying to fix this but to no avail.

here is the code in app.js


         Ember.Application.initializer({
      name: 'authentication',
      initialize: function(container, application) {
         Ember.SimpleAuth.Authenticators.OAuth2.reopen({
                     makeRequest: function(credentials) {
                         credentials.client_id= 'rsweb-client';
                         credentials.client_secret= '123456';
                         credentials.scope='read';
return Ember.$.ajax({ type: "POST", url: 'http://127.0.0.1:8080/api/oauth/token', async: false, data:credentials,
success: function (data, textStatus, xhr){ Ember.run(function(){ resolve({username: data['pl-usr-nickname']}); }); }, error: function (xhr, status, error){ Ember.run(function(){ console.log(xhr.responseText); }); } }); } });
Ember.SimpleAuth.setup(container, application, { // @todo at version 0.1.2 of Ember-simple-auth, add container crossOriginWhitelist: ['http://127.0.0.1:8080'], // @todo remove when live // store: Ember.SimpleAuth.Stores.LocalStorage, authenticationRoute: 'login' }); } }); Here is the # The OAuth-secured REST Endpoint This uses the simple OAuth Resource Owner Password flow. Here is an example of how to acquired an access_token, and then use that access_token to update an application. ``` curl --noproxy localhost -X POST -vu rsweb-client:123456 http://127.0.0.1:8080/api/oauth/token -H "Accept: application/json" -d "password=password&username=user&grant_type=password&scope=read&client_secret=123456&client_id=rsweb-client"

This returns an token when i access from the command line tool. But not from the ember app.

Here is the request payload:

Content-Type application/x-www-form-urlencoded; charset=UTF-8 Accept */* Parameters application/x-www-form-urlencoded client_id rsweb-client client_secret 123456 grant_type password password password scope read username user
1

1 Answers

1
votes

It looks like your auth server expects the client_id and client_secret as HTTP basic auth credentials while your authenticator sends them in the payload. You'll have to add the Authorization header in the makeRequest method as defined e.g. here: http://tools.ietf.org/html/rfc2617 which would be a base64-encoding of "rsweb-client:123456".