[aerogear-dev] Basic/Digest Auth and JS
Bruno Oliveira
bruno at abstractj.org
Wed May 22 11:22:26 EDT 2013
Looks good. I'm just wondering if we could start our "Auth"
specification to the client side. Wdyt?
I'd like to have JS, iOS and Android on the same page.
Kris Borchers wrote:
> OK, so I am going to try to spell out the workflow as I see it working
> in JS. I would appreciate any feedback on whether or not this is
> crazy/wrong.
>
> 1. Create Basic or Digest authenticator
> 1. Must include a callback to be fired when a request to auth is
> received from server
> 2. Create pipe which uses this authenticator
> 3. Attempt read, save or remove on this pipe
> 4. Endpoint returns 401 with header indicating type of auth required
> 1. Need to research that this won't trigger the browser's native
> Basic/Digest auth handling
> 5. Fire user supplied auth callback passing it a reference to a "login"
> method that the user will pass the credentials collected in the auth
> callback
> 6. Use "login" method to construct appropriate response to server's 401
> 1. This is the fun part :-P
> 7. Server responds to auth attempt
> 1. Success - continue to process original read, write or remove
> 2. Error - trigger a user supplied auth failure callback
>
>
> Thanks!
More information about the aerogear-dev
mailing list