<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-cite-prefix">On 05/22/2013 10:12 AM, Kris Borchers
wrote:<br>
</div>
<blockquote
cite="mid:2D47F9E4-0DA5-41A1-A069-E433BB07C5AE@redhat.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
OK, so I am going to try to spell out the workflow as I see it
working in JS. I would appreciate any feedback on whether or not
this is crazy/wrong.
<div><br>
</div>
<div>
<ol class="MailOutline">
<li>Create Basic or Digest authenticator</li>
<ol>
<li>Must include a callback to be fired when a request to
auth is received from server</li>
</ol>
<li>Create pipe which uses this authenticator</li>
<li>Attempt read, save or remove on this pipe</li>
<li>Endpoint returns 401 with header indicating type of auth
required</li>
<ol>
<li>Need to research that this won't trigger the browser's
native Basic/Digest auth handling</li>
</ol>
<li>Fire user supplied auth callback passing it a reference to
a "login" method that the user will pass the credentials
collected in the auth callback</li>
<li>Use "login" method to construct appropriate response to
server's 401</li>
<ol>
<li>This is the fun part :-P</li>
</ol>
</ol>
</div>
</blockquote>
In the Android version, login is called by the developer, not by the
framework. This "primes" the authenticator which then provides
whatever tokens/headers/parameters/etc that the pipe will need to
authenticate the request.<br>
<br>
This may have to be changed in the future to support multiple login
flows.<br>
<blockquote
cite="mid:2D47F9E4-0DA5-41A1-A069-E433BB07C5AE@redhat.com"
type="cite">
<div>
<ol class="MailOutline">
<li>Server responds to auth attempt</li>
<ol>
<li>Success - continue to process original read, write or
remove</li>
<li>Error - trigger a user supplied auth failure callback</li>
</ol>
</ol>
<div><br>
</div>
<div>Thanks!</div>
<div><br>
</div>
<div>
<div>On May 22, 2013, at 8:44 AM, Summers Pittman <<a
moz-do-not-send="true" href="mailto:supittma@redhat.com">supittma@redhat.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<blockquote type="cite">On 05/21/2013 08:22 AM, Kris Borchers
wrote:<br>
<blockquote type="cite">So, having seem the plans around
Basic and Digest auth for Android and iOS, I am wondering
if there is any need for that on JS. Typically that is
handled by the browser and them the server maintains the
session so I would lean toward not needing anything
specific in JS for these types of auth. Input welcome.<br>
</blockquote>
It may be useful is someone tries to embed it in a Node
container or <br>
write a Windows 8 app, Gnome 3 extension, etc.<br>
<blockquote type="cite"><br>
Kris<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
aerogear-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a>
<a class="moz-txt-link-freetext" href="https://lists.jboss.org/mailman/listinfo/aerogear-dev">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a></pre>
</blockquote>
<br>
</body>
</html>