2
votes

I am adding functionality to allow users to reject un-expired oauth tokens. (I am using ember-simple-auth-oauth2 and a custom oauth2 implimentation).

I would like to notify clients using a rejected token that their token was manually rejected.

The 401 response from the server contains the reason the token is no longer valid ({message: "Token was expired by ip 1.1.1.1"}).

None of the invalidationSucceeded callbacks or events in the session or application mixin seem to have the 401 request passed to this info.

Is there a way to access the body of the request that returned the 401 before the redirect?

3

3 Answers

1
votes

You can customize the adapter and override the ajaxError method. Following is the example:

import DS from 'ember-data';    
export default DS.RESTAdapter.extend({
     host: url,

     ajaxError: function(jqXHR) {
         var error = this._super(jqXHR);

         if (jqXHR && jqXHR.status === 401) {
             var jsonErrors = Ember.$.parseJSON(jqXHR.responseText)["errors"];                 
             return new DS.InvalidError(jsonErrors);
         } else {
             return error;
         }
     }
});
3
votes

401 Unauthorized will trigger the authorizationFailed action if you're using the ApplicationRouteMixin. If you're not using the ApplicationRouteMixin you can subscribe to the session's authorizationFailed event.

0
votes

What if you override the authenticate action in your controller and handle the failure in there?

authenticate: function () {
  var promise = this._super(),
    _this = this;

  promise.then(function(result) {
    // code to do if succeeded
  }).catch(function(result) {
    // code to do if failed
  });
}

You just need to make sure that you call super to hand off the actual authenticate logic.