[annotator-dev] TokenUrl problem
Andy Kinge
kinge.andy at gmail.com
Mon Oct 12 21:19:20 UTC 2015
Hi,
I'm attempting to use v1.2.10 (i.e. latest stable) of annotator on a single
page on my own website, using annotateit.org for storage and with my own
token generator to provide delegated authentication so that many people can
annotate the page.
I thought I had wired it all together correctly, but I'm finding that I
can't authenticate with http://annotateit.org/api/annotations if I use
tokenUrl in the config, like so:
jQuery(function ($) {
$('#content').annotator().annotator('addPlugin', 'Auth', { tokenUrl: '
http://mydomain/cgi-bin/token' });
...
POST http://annotateit.org/api/annotations 401 UNAUTHORIZED
"Cannot authorize request (create annotation). Perhaps you're not
logged in as a user with appropriate permissions on this annotation?
(user=None, consumer=None)"
however, if I take the token generated by my generator and paste it
directly in the config like this:
$('#content').annotator().annotator('addPlugin', 'Auth', { token:
'eyJhbGciOiJIUzI1***************'}); /*token redacted for this example */
then I can authenticate, create annotations and they are persisted as
expected.
I've noticed that in the latter case, the token is passed to the
annotations endpoint in an x-annotator-auth-token header, but with tokenUrl
this doesn't happen.
I've obviously missed something basic, but I can't for the life of me see
why it's not working, any pointers would be gratefully received!
Thanks
Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20151012/7c002428/attachment-0003.html>
More information about the annotator-dev
mailing list