AngularJS-OAuth2 | AngularJS application to authenticate with an OAuth | OAuth library
kandi X-RAY | AngularJS-OAuth2 Summary
kandi X-RAY | AngularJS-OAuth2 Summary
This is an Angular directive and HTTP interceptor available as a Bower package for adding OAuth 2 authentication support to AngularJS. In addition to this documentation a couple of samples and tutorials are available:. The package is versioned using the semantic versioning policy. Feedback is very welcome. Please leave it in the Issues area or over on my blog.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of AngularJS-OAuth2
AngularJS-OAuth2 Key Features
AngularJS-OAuth2 Examples and Code Snippets
Community Discussions
Trending Discussions on AngularJS-OAuth2
QUESTION
As mentioned in the title, I want to perform a redirection from an angularJs application residing in localhost:port1
to another angularJs application in localhost:port2
.
The two application are secured using openid-connect
server and this angualrjs directive.
The problem is when I'm logged in the first app and I perform a redirection to the second app, it tells me to re-sign in as if i'm not authenticated.
So I've figured a workaroud for this problem: I sent the access_token in the redirect url and used it in the second app..
But I read that it's a bad practise to expose the access_token in the URL ..
So my question is is there a way to send an authorization header with redirection using $window.open(url) .. ?
thanks is advance .
...ANSWER
Answered 2018-Feb-21 at 15:28No, you cannot set a header because the header you receive, is coming from back-end. You just ask the browser to change the url. And you do not want to put access_token in the url (wise action).
The solution that comes to my mind is to write the access_token in session-storage. It is safe because it is only accessible to current tab. The second angularjs application can check the session-storage on start-up and use it if it exists.
Update: Session storage is port specific so it does not work on this case:
The second solution would be using cookies, unlike sessionStorages, cookies are not port specific. So when the second angularjs application comes up, it can check the cookies to see if the authentication token exists or not, if it exists then it does not goto sign-in page.
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
No vulnerabilities reported
Install AngularJS-OAuth2
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page