[annotator-dev] x-annotator-auth-token

Fri Mar 21 04:56:53 UTC 2014

Do you see a warning in your script console, "Didn't get a valid token"?
Or if you see the Annotator making requests to your token URL every ten
seconds, then it means the application isn't receiving it correctly.
I cannot see what is wrong with your code, if anything.

On Thu, Mar 20, 2014 at 2:18 PM, Andrew MacDonald <
andrew_james_macdonald at yahoo.com> wrote:

> I wouldn't be surprised if that were the case.
>
> Here's the code:
> 1) The relevant code from my HttpServlet: http://pastebin.com/bgEWbKhE
> 2) The JWTUtils code: http://pastebin.com/ryEQtLB0
>
> Andrew
>
>
>   On Thursday, March 20, 2014 5:04 PM, Randall Leeds <tilgovi at hypothes.is>
> wrote:
>  Then it certainly seems like the token code might not be quite right.
>
> Can you share the code you're using to generate the token?
>
>
> On Thu, Mar 20, 2014 at 11:22 AM, Andrew MacDonald <
> andrew_james_macdonald at yahoo.com> wrote:
>
> Thanks for the quick reply.
>
> 1) I'm using v.1.2.7
>
> 2) I would assume so. This is the extent of my Annotator configuration:
> $('#'+containerId).annotator().annotator('setupPlugins', {
>     tokenUrl: 'http://localhost:8080/base/token'
> });
>
> 3) I think so. For the token payload:
> consumerKey = my consumer key on annotateit.org
> userId = my user name on annotateit.org
>
> When I construct the actual token with JsonToken, I first have to
> construct the signer using HmacSHA256Signer (
> https://code.google.com/p/jsontoken/source/browse/trunk/src/main/java/net/oauth/jsontoken/crypto/HmacSHA256Signer.java).
> I pass it the following:
> issuer = same as userId above
> keyId = same as consumerKey above
> keyBytes = the bytes from my consumer secret
>
>
>   On Thursday, March 20, 2014 1:56 PM, Randall Leeds <tilgovi at hypothes.is>
> wrote:
>   Some questions
>
> - What version of Annotator?
>  - Are you using the default Store plugin in both cases?
>  - Just to be sure, are you using your credentials from your user page on
> annotateit.org to generate your token?
>
>
> On Thu, Mar 20, 2014 at 8:57 AM, Andrew MacDonald <
> andrew_james_macdonald at yahoo.com> wrote:
>
>  Hello dev team,
>
> I'm having trouble getting my local authentication working with the
> AnnotateIt store.
>
> So far, I have produced a local authentication token endpoint, using the
> JsonToken Java library. This seems to work, as the Annotator plugin calls
> my endpoint and it returns a token (and the Annotator doesn't throw any
> "couldn't get auth token" errors). However, when I try to store an
> annotation on AnnotateIt I get a 401 unauthorized response. When I use the
> http://annotateit.org/api/token endpoint for authorization, everything
> works as expected. Comparing the headers between the two approaches, I
> notice that when using my local authentication, subsequent calls to
> AnnotateIt don't include the x-annotator-auth-token request header, which I
> assume is why I'm getting the unauthorized response.
>
> Any idea what I'm doing wrong? If you require more details please let me
> know.
>
> Thanks,
> Andrew
>
> _______________________________________________
> annotator-dev mailing list
> annotator-dev at lists.okfn.org
> https://lists.okfn.org/mailman/listinfo/annotator-dev
> Unsubscribe: https://lists.okfn.org/mailman/options/annotator-dev
>
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20140320/e21653a8/attachment-0004.html>