Hi everyone,

we've merged a patch that aligns UI code with Engine SSO infra:

  https://gerrit.ovirt.org/#/c/49278/

In particular, UI code that creates & maintains REST webapp's
HTTP session was removed in favor of using SSO token.

**UI plugin authors take note!** The "RestApiSessionAcquired"
callback was removed -- please update your UI plugins to use
the new "api.ssoToken" function when making REST API requests:

  var xhr = new XMLHttpRequest();
  xhr.open('GET', 'http://example.com/ovirt-engine/api');
  xhr.setRequestHeader('Authorization', 'Bearer ' + api.ssoToken());
  xhr.setRequestHeader('Accept', 'application/json');
  xhr.addEventListener('load', function () {
    // response loaded OK, parse JSON data
    var data = JSON.parse(this.responseText);
  });
  xhr.send();

While being a breaking change, this should simplify UI plugin
code because:

- the new "api.ssoToken" function can be called anytime,
  removing the need for an asynchronous callback

- no need to use session-specific request headers anymore
  (like "Prefer: persistent-auth" and "JSESSIONID: xxx"),
  just use "Authorization: Bearer xxx" and you're good

Please see commit msg of above mentioned patch for further
details on the changes and their implications.

Let me know if you have any questions or comments.

Regards,
Vojtech
_______________________________________________
Devel mailing list
Devel@ovirt.org
http://lists.ovirt.org/mailman/listinfo/devel

Reply via email to