How are users accessing the application in the first place? There is HTML
and other assets needed in order to get to the point where Angular is
running and able to import components.
Why not use the typical WebSession (ie. cookie) based authentication
usually used in this situations?
On Wed, Sep 27, 2017 at 1:25 PM <olp455chic...@gmail.com> wrote:
> Hi Lucas,
> Thanks for the response. Yeah, our current requirement is that the
> source is not considered public, so we'd have to authenticate for
> retrieval. Removing that requirement would make this simple, but that part
> is out of my control.
>
> Brian
>
>
> On Wednesday, September 27, 2017 at 12:18:38 PM UTC-5, Lucas Lacroix wrote:
>
>> It seems odd that you require authorization in order to access publicly
>> accessible assets. You would run into the same issue using a script tag in
>> your HTML.
>>
>> Can you not remove the header requirement for assets?
>>
>> On Wed, Sep 27, 2017, 13:14 <olp455...@gmail.com> wrote:
>>
> Thank you very much for sharing Sander. I used this exact technique to
>>> create my own http extension for applying the Authorization header to all
>>> http requests made from the application to our backend, and it works great.
>>> However, the problem is that Angular does not use this object (or the core
>>> http or httpclient) for making the http request to get the lazy loaded
>>> bundles, it uses System.import, which I would image uses the xmlhttprequest
>>> functions, although I wasn't able to debug it down to that level. So this
>>> does work for calls made from the application, just not for the internal
>>> Angular call I need to intervene on.
>>>
>>> Thanks,
>>> Brian
>>>
>>>
>>> On Thursday, September 21, 2017 at 2:54:41 AM UTC-5, Sander Elias wrote:
>>>>
>>>> Hi Brian,
>>>>
>>>> This sample is based on http, but you can do something similar for
>>>> httpClient. HttpClient even has the concept of interceptors that might even
>>>> simplify this.
>>>> here we go:
>>>> import { Injectable } from '@angular/core';
>>>> import { Observable } from 'rxjs/Observable';
>>>> import {
>>>> Headers,
>>>> Http,
>>>> Response,
>>>> RequestOptions,
>>>> Request,
>>>> BaseRequestOptions,
>>>> RequestMethod,
>>>> RequestOptionsArgs,
>>>>
>>>> } from '@angular/http';
>>>>
>>>>
>>>> @Injectable()
>>>> export class Phttp {
>>>> private token: string;
>>>>
>>>> constructor(private http: Http) {
>>>> }
>>>>
>>>> get(url: string, options?: RequestOptionsArgs): Observable<Response> {
>>>> options = this._myDefaultOptions(options);
>>>> return this.http.get(url, options)
>>>>
>>>> }
>>>>
>>>> private _header(OrgHeaders) {
>>>> if ((!this.token) ) {
>>>> this.token = getMyTokenFromSomewhere();
>>>> }
>>>> if (!this.token) {
>>>> throw Error('no token found for pHttp')
>>>> }
>>>> return new Headers({
>>>> authorization: this.token,
>>>> ...OrgHeaders
>>>> })
>>>> }
>>>>
>>>> private _myDefaultOptions(options?: RequestOptionsArgs) {
>>>> if (!options) {
>>>> options = new RequestOptions();
>>>> }
>>>> options.headers = this._header(options.headers)
>>>> return options;
>>>> }
>>>>
>>>>
>>>>
>>>> post(url: string, body: any, options?: RequestOptionsArgs):
>>>> Observable<Response> {
>>>> options = this._myDefaultOptions(options);
>>>> return this.http.post(url, body, options)
>>>>
>>>> }
>>>> put(url: string, body: any, options?: RequestOptionsArgs):
>>>> Observable<Response> {
>>>> options = this._myDefaultOptions(options);
>>>> return this.http.put(url, body , options)
>>>>
>>>> }
>>>> delete(url: string, options?: RequestOptionsArgs):
>>>> Observable<Response> {
>>>> options = this._myDefaultOptions(options);
>>>> return this.http.delete(url, options)
>>>>
>>>> }
>>>> }
>>>>
>>>> Hope this is of some use to you.
>>>>
>>>> Regards
>>>> Sander
>>>>
>>>>
>>>>
>>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Angular and AngularJS discussion" group.
>>>
>> To unsubscribe from this group and stop receiving emails from it, send an
>>> email to angular+u...@googlegroups.com.
>>> To post to this group, send email to ang...@googlegroups.com.
>>
>>
>>> Visit this group at https://groups.google.com/group/angular.
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>> --
>> Lucas Lacroix
>> Computer Scientist
>> Advanced Technology Division, MEDITECH <http://ehr.meditech.com/>
>> 781-774-2293
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Angular and AngularJS discussion" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to angular+unsubscr...@googlegroups.com.
> To post to this group, send email to angular@googlegroups.com.
> Visit this group at https://groups.google.com/group/angular.
> For more options, visit https://groups.google.com/d/optout.
>
--
Lucas Lacroix
Computer Scientist
Advanced Technology Division, MEDITECH <http://ehr.meditech.com/>
781-774-2293
--
You received this message because you are subscribed to the Google Groups
"Angular and AngularJS discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to angular+unsubscr...@googlegroups.com.
To post to this group, send email to angular@googlegroups.com.
Visit this group at https://groups.google.com/group/angular.
For more options, visit https://groups.google.com/d/optout.
