问题
After getting answers to this SO question, I realized that I have a cross-domain issue with the httponly flagged ServiceStack bearerToken Cookie not being sent to my resource microservices on different domains.
ServiceStack's documentation explains how to solve this problem in their documentation here.
I having trouble implementing a Typescript version of the code sample in ServiceStack's documentation. I am guess that the sample code in the documentation is C#.
Here is my Typescript code with comments:
import { JsonServiceClient, IReturn } from 'servicestack-client';
import { AuthService } from './auth.service';
//dtos generated by myauthservice/types
import { GetAccessToken, ConvertSessionToToken, ConvertSessionToTokenResponse } from './dtos'
import { AppModule } from '../../app.module';
import { Router } from '@angular/router';
export class JsonServiceClientAuth extends JsonServiceClient {
private router: Router;
private authClient: JsonServiceClient;
constructor(baseUrl: string) {
console.log('JsonServiceClientAuth.baseUrl', baseUrl);
super(baseUrl);
//Router is not injected via the contructor because clients of JsonServiceClientAuth need to create instances of it
this.router = AppModule.injector.get(Router);
this.authClient = new JsonServiceClient("http://localhost:5006");
this.onAuthenticationRequired = async () => {
console.log('JsonServiceClientAuth.onAuthenticationRequired()');
console.log('An API is not receiving the bearerToken being redirected to Login');
this.router.navigate(['/login']);
};
}
get<T>(request: IReturn<T> | string, args?: any): Promise<T> {
return new Promise<T>((resolve, reject) => {
//cross domain issue here, ss-tok httponly Cookie will not be sent to the Resource Service
//ConvertSessionToToken per Service Stacks documentation: http://docs.servicestack.net/jwt-authprovider#converting-an-existing-authenticated-session-into-a-jwt-token
//but send expects 2-4 argumments, one being the method name
//the Typecript send will not use the dto ConvertSessionToToken request and get the url
//var tokenResponse = this.send(new ConvertSessionToToken())
console.log('this.bearToken', this.bearerToken); //undefined
//so try JsonServiceClient.get
this.authClient.get(new ConvertSessionToToken())
.then(res => {
console.log('ConvertSessionToToken.res', res);
console.log('this.bearToken', this.bearerToken); //undefined
//next problem there is no function getTokenCookie in Typescript that I can find, not in the dtos and not in JsonServiceClient
//var jwtToken = this.getTokenCookie(); //From ss-tok Cookie
//maybe this will work?
//super.setBearerToken(this.bearerToken)
super.get(request).then(res => {
console.log('suger.get.res', res);
resolve(res);
}, msg => {
console.log('suger.get.msg', res);
reject(msg)
})
.catch(ex => {
console.log('suger.get.ex', ex);
reject(ex);
});
}, msg => {
console.log('ConvertSessionToToken.msg', msg);
reject(msg);
})
.catch(ex =>{
console.log('ConvertSessionToToken.ex', ex);
reject(ex);
});
});
}
}
回答1:
Why are you implementing a Custom JsonServiceClient? Just use the existing bearerToken and refreshToken properties on the existing JsonServiceClient which already has built-in support for sending JWT Bearer Tokens and using Refresh Tokens to re-fetch expired JWT Tokens.
You can check out client.auth.spec.ts for examples of supported behavior.
来源:https://stackoverflow.com/questions/47422212/use-the-jwt-tokens-across-multiple-domains-with-typescript-jsonserviceclient-s