In my Rails app, I am trying to set a cookie to be picked up by Ember Simple Auth's cookie store after the page has loaded. I am using the Ember Simple Auth OAuth2 authorizer.
在我的Rails应用程序中,我正在尝试设置一个cookie,以便在页面加载后由Ember Simple Auth的cookie存储库获取。我正在使用Ember Simple Auth OAuth2授权程序。
Right now, I am just planting the OAuth data directly as the cookie value:
现在,我只是直接将OAuth数据植入cookie值:
{
"token_type": "bearer",
"access_token": "3ec78864cc017982fdeeb0c092bfbea3f104df1e18c9c67f222581d9353f3fce",
"refresh_token": "cb03c07b8845ea7b40251b0df46839177bd7b51b3dd1d23f167890b9e1549f07",
"created_at": 1436454055,
"expires_in": 7060,
"expires_at": 1436461254
}
I'm guessing this isn't what Ember Simple Auth expects because the syncData function reads it once and then replaces it with this value after the next cookie poll:
我猜这不是Ember Simple Auth所期望的,因为syncData函数只读取一次,然后在下一个cookie轮询后用该值替换它:
{ secure: {} }
What should the data look like for OAuth 2? I'm guessing it's the same no matter how it's stored (cookie vs. local storage vs. ephemeral storage).
OAuth 2的数据应该是什么样的?无论它是如何存储的,我都猜测它是相同的(cookie与本地存储与短暂存储)。
After looking at this screenshot from this post, I figure I'm probably way off, and I've been having trouble understanding where to poke around in the Ember Simple Auth source to figure this out.
看完这篇文章的截图后,我想我可能已经离开了,而且我一直无法理解在Ember Simple Auth源中找到的地方来解决这个问题。
2 个解决方案
#1
1
Ember Simple Auth only uses the cookie to store its internal state. The cookie cannot be set from the server and also should not be used on the server side. The library is solely meant for implementing token authentication for stateless (= cookie-less) APIs.
Ember Simple Auth仅使用cookie来存储其内部状态。 cookie不能从服务器设置,也不应在服务器端使用。该库仅用于为无状态(= cookie-less)API实现令牌认证。
See the README for more info about how OAuth 2.0 works with ESA: https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-oauth2#ember-simple-auth-oauth-20
有关OAuth 2.0如何与ESA协同工作的详细信息,请参阅自述文件:https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-oauth2#ember-simple-auth- OAuth的20
#2
0
I believe that Marco's advice in the accepted answer should be followed if at all possible.
我相信,如果可能的话,应该遵循马克在接受的答案中的建议。
But, poking around a little more, I figured out that the cookie content would need to look like this in order for Ember Simple Auth OAuth 2 to recognize it:
但是,稍微多了一点,我发现cookie内容需要看起来像这样才能让Ember Simple Auth OAuth 2识别它:
{
"secure": {
"authenticator": "simple-auth-authenticator:oauth2-password-grant",
"token_type": "bearer",
"access_token": "3ec78864cc017982fdeeb0c092bfbea3f104df1e18c9c67f222581d9353f3fce",
"refresh_token": "cb03c07b8845ea7b40251b0df46839177bd7b51b3dd1d23f167890b9e1549f07",
"created_at": 1436454055,
"expires_in": 7060,
"expires_at": 1436461254
}
}
Of course, there are some drawbacks to this approach, namely that upgrading Ember Simple Auth could break if it changes the format of how it stores this data.
当然,这种方法存在一些缺点,即如果改变Ember Simple Auth存储此数据的格式,则升级Ember Simple Auth可能会中断。
If you set cookies from another app like I'm attempting to do, you'd need to be mindful about reviewing this format after each update of Ember Simple Auth. The best way to accomplish this is to create a blank Ember app with Simple Auth installed and configured, then review the format of the data that it stores after you sign in to the app.
如果你从我试图做的另一个应用程序设置cookie,你需要注意在每次更新Ember Simple Auth后检查这种格式。实现此目的的最佳方法是创建一个安装并配置了Simple Auth的空白Ember应用程序,然后在登录应用程序后查看它存储的数据格式。
#1
1
Ember Simple Auth only uses the cookie to store its internal state. The cookie cannot be set from the server and also should not be used on the server side. The library is solely meant for implementing token authentication for stateless (= cookie-less) APIs.
Ember Simple Auth仅使用cookie来存储其内部状态。 cookie不能从服务器设置,也不应在服务器端使用。该库仅用于为无状态(= cookie-less)API实现令牌认证。
See the README for more info about how OAuth 2.0 works with ESA: https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-oauth2#ember-simple-auth-oauth-20
有关OAuth 2.0如何与ESA协同工作的详细信息,请参阅自述文件:https://github.com/simplabs/ember-simple-auth/tree/master/packages/ember-simple-auth-oauth2#ember-simple-auth- OAuth的20
#2
0
I believe that Marco's advice in the accepted answer should be followed if at all possible.
我相信,如果可能的话,应该遵循马克在接受的答案中的建议。
But, poking around a little more, I figured out that the cookie content would need to look like this in order for Ember Simple Auth OAuth 2 to recognize it:
但是,稍微多了一点,我发现cookie内容需要看起来像这样才能让Ember Simple Auth OAuth 2识别它:
{
"secure": {
"authenticator": "simple-auth-authenticator:oauth2-password-grant",
"token_type": "bearer",
"access_token": "3ec78864cc017982fdeeb0c092bfbea3f104df1e18c9c67f222581d9353f3fce",
"refresh_token": "cb03c07b8845ea7b40251b0df46839177bd7b51b3dd1d23f167890b9e1549f07",
"created_at": 1436454055,
"expires_in": 7060,
"expires_at": 1436461254
}
}
Of course, there are some drawbacks to this approach, namely that upgrading Ember Simple Auth could break if it changes the format of how it stores this data.
当然,这种方法存在一些缺点,即如果改变Ember Simple Auth存储此数据的格式,则升级Ember Simple Auth可能会中断。
If you set cookies from another app like I'm attempting to do, you'd need to be mindful about reviewing this format after each update of Ember Simple Auth. The best way to accomplish this is to create a blank Ember app with Simple Auth installed and configured, then review the format of the data that it stores after you sign in to the app.
如果你从我试图做的另一个应用程序设置cookie,你需要注意在每次更新Ember Simple Auth后检查这种格式。实现此目的的最佳方法是创建一个安装并配置了Simple Auth的空白Ember应用程序,然后在登录应用程序后查看它存储的数据格式。