[annotator-dev] x-annotator-auth-token
Andrew MacDonald
andrew_james_macdonald at yahoo.com
Thu Mar 20 18:22:37 UTC 2014
Thanks for the quick reply.
1) I'm using v.1.2.7
2) I would assume so. This is the extent of my Annotator configuration:
$('#'+containerId).annotator().annotator('setupPlugins', {
tokenUrl: 'http://localhost:8080/base/token'
});
3) I think so. For the token payload:
consumerKey = my consumer key on annotateit.org
userId = my user name on annotateit.org
When I construct the actual token with JsonToken, I first have to construct the signer using HmacSHA256Signer (https://code.google.com/p/jsontoken/source/browse/trunk/src/main/java/net/oauth/jsontoken/crypto/HmacSHA256Signer.java). I pass it the following:
issuer = same as userId above
keyId = same as consumerKey above
keyBytes = the bytes from my consumer secret
On Thursday, March 20, 2014 1:56 PM, Randall Leeds <tilgovi at hypothes.is> wrote:
Some questions
- What version of Annotator?
- Are you using the default Store plugin in both cases?
- Just to be sure, are you using your credentials from your user page on annotateit.org to generate your token?
On Thu, Mar 20, 2014 at 8:57 AM, Andrew MacDonald <andrew_james_macdonald at yahoo.com> wrote:
Hello dev team,
>
>
>I'm having trouble getting my local authentication working with the AnnotateIt store.
>
>
>So far, I have produced a local authentication token endpoint, using the JsonToken Java library. This seems to work, as the Annotator plugin calls my endpoint and it returns a token (and the Annotator doesn't throw any "couldn't get auth token" errors). However, when I try to store an annotation on AnnotateIt I get a 401 unauthorized response. When I use the http://annotateit.org/api/token endpoint for authorization, everything works as expected. Comparing the headers between the two approaches, I notice that when using my local authentication, subsequent calls to AnnotateIt don't include the x-annotator-auth-token request header, which I assume is why I'm getting the unauthorized response.
>
>
>Any idea what I'm doing wrong? If you require more details please let me know.
>
>
>Thanks,
>Andrew
>_______________________________________________
>annotator-dev mailing list
>annotator-dev at lists.okfn.org
>https://lists.okfn.org/mailman/listinfo/annotator-dev
>Unsubscribe: https://lists.okfn.org/mailman/options/annotator-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20140320/04d24c90/attachment-0004.html>
More information about the annotator-dev
mailing list