Loopback-next: Pass auth header from client to loopback rest-connector
How to pass the Authorization header to the rest-connector for multi-tenanted systems using loopback4. Something like "Before Execute" at an application level for all the requests to rest connector.
arunkumarreddygoluguri
All 4 comments
Hi @arunkumarreddygoluguri I guess you moved the discussion from https://github.com/strongloop/loopback-connector-rest/issues/89
To parse the token from header, you can add an action in sequence to parse the access token from header.
An example is how we retrieved it in the authentication action, see https://github.com/strongloop/loopback4-example-shopping/blob/master/src/authentication-strategies/JWT.strategy.ts#L15
If you want to pass it to controller, you can leverage the dependency injection to inject the access token.
By saying
How to pass the Authorization header to the rest-connector
do you mean pass it as a configuration when initialize the connector or pass it into a connector function?
jannyHou
on 13 Feb 2019
@jannyHou Thanks for the reply, I am building a custom auth token in sequnce.ts by looking at the input parameters from the client app, now this custom auth token need to be passed to all the API requests for a particular rest connector
arunkumarreddygoluguri
on 15 Feb 2019
Hi @arunkumarreddygoluguri ,
I had to do something similar with other parameters for the rest-connector, this is a simple solution, but it worked for me.
Once you get your custom auth token you can register in the context in the sequence.ts file as you stated.
context.bind('savedCustomToken').to(yourCustomToken);
Then in the controller(s) you inject it like so:
constructor (
@inject('savedCustomToken') public token: string,
...
Now here comes the tricky part where this solutions falls into the simple category. In your custom methods, you need to add the token as argument, so all service method invocation carries out this parameter. (ie: yourMethod(arg1: string) now should become yourMethod(arg1: string, token: string) where token is an arbitrary name. _(service proxy interface will also have to change to have this parameter)._
Note: You can also create an interceptor to intercept myCustomMethod invocation and add this last parameter automatically.
In your template for the rest connector you will have something like this:
{
"template": {
"method": "POST",
"url": "http://sampleURL/",
"headers": {
"Authorization": "Bearer {token}",
"cache-control": "no-cache",
"Content-Type": "application/json"
},
"body": "{dummyVar1}"
},
"functions": {
"myCustomMethod": [
"dummyVar1",
"token"
]
}
}
marioestradarosa
on 13 May 2019
I am closing this issue since the answer is provided. Feel free to reopen it if you still have questions.
jannyHou
on 19 Sep 2019
Related issues
rexliu0715
路
3Comments
kesavkolla
路
3Comments
shahulhameedp
路
3Comments
dericgw
路
3Comments
marioestradarosa
路
3Comments
Most helpful comment
Hi @arunkumarreddygoluguri ,
I had to do something similar with other parameters for the rest-connector, this is a simple solution, but it worked for me.
Once you get your custom auth token you can register in the context in the
sequence.tsfile as you stated.Then in the controller(s) you inject it like so:
Now here comes the tricky part where this solutions falls into the simple category. In your custom methods, you need to add the token as argument, so all service method invocation carries out this parameter. (ie:
yourMethod(arg1: string)now should becomeyourMethod(arg1: string, token: string)where token is an arbitrary name. _(service proxy interface will also have to change to have this parameter)._Note: You can also create an interceptor to intercept myCustomMethod invocation and add this last parameter automatically.
In your template for the rest connector you will have something like this: