[annotator-dev] TokenUrl problem

Randall Leeds randall at bleeds.info
Tue Oct 13 18:54:08 UTC 2015


That is very strange. Does tokenUrl make a request for the token from your
server or does it not even get that far?

On Tue, Oct 13, 2015 at 7:45 AM Andy Kinge <kinge.andy at gmail.com> wrote:

> Hi Randall,
>
> Here are the headers from the tokenUrl response:
>
> HTTP/1.1 200 OK
> Date: Tue, 13 Oct 2015 14:25:43 GMT
> Server: Apache/2.4.10 (Debian)
> Access-Control-Allow-Origin: http://dangerousideassouthampton.org.uk
> Access-Control-Expose-Headers: Location, Content-Type, Content-Length
> Access-Control-Allow-Credentials: true
> Vary: Accept-Encoding
> Content-Encoding: gzip
> Content-Length: 221
> Keep-Alive: timeout=5, max=100
> Connection: Keep-Alive
> Content-Type: text/plain; charset=utf-8
>
> I'm using the python code from the Authentication docs to generate the token, just adding the Content-Type and CORS headers.
>
>
> On 12 October 2015 at 23:05, Randall Leeds <randall at bleeds.info> wrote:
>
>> Can you paste the full headers of the tokenUrl response?
>>
>> On Mon, Oct 12, 2015 at 2:19 PM Andy Kinge <kinge.andy at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I'm attempting to use v1.2.10 (i.e. latest stable) of annotator on a
>>> single page on my own website, using annotateit.org for storage and
>>> with my own token generator to provide delegated authentication so that
>>> many people can annotate the page.
>>>
>>> I thought I had wired it all together correctly, but I'm finding that I
>>> can't authenticate with http://annotateit.org/api/annotations if I use
>>> tokenUrl in the config, like so:
>>>
>>> jQuery(function ($) {
>>>     $('#content').annotator().annotator('addPlugin', 'Auth', { tokenUrl:
>>> 'http://mydomain/cgi-bin/token' });
>>>     ...
>>>
>>> POST http://annotateit.org/api/annotations 401 UNAUTHORIZED
>>>
>>> "Cannot authorize request (create annotation). Perhaps you're not logged in as a user with appropriate permissions on this annotation? (user=None, consumer=None)"
>>>
>>> however, if I take the token generated by my generator and paste it
>>> directly in the config like this:
>>>
>>>  $('#content').annotator().annotator('addPlugin', 'Auth', { token:
>>> 'eyJhbGciOiJIUzI1***************'}); /*token redacted for this example */
>>>
>>> then I can authenticate, create annotations and they are persisted as
>>> expected.
>>>
>>> I've noticed that in the latter case, the token is passed to the
>>> annotations endpoint in an x-annotator-auth-token header, but with
>>> tokenUrl this doesn't happen.
>>>
>>> I've obviously missed something basic, but I can't for the life of me
>>> see why it's not working, any pointers would be gratefully received!
>>>
>>> Thanks
>>>
>>> Andy
>>> _______________________________________________
>>> annotator-dev mailing list
>>> annotator-dev at lists.okfn.org
>>> https://lists.okfn.org/mailman/listinfo/annotator-dev
>>> Unsubscribe: https://lists.okfn.org/mailman/options/annotator-dev
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20151013/85b80d19/attachment-0004.html>


More information about the annotator-dev mailing list