Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for private service and authentication #139

Closed
patrickarlt opened this issue Sep 17, 2013 · 3 comments
Closed

Add support for private service and authentication #139

patrickarlt opened this issue Sep 17, 2013 · 3 comments
Labels
Enhancement
Milestone
Beta 3

Comments

@patrickarlt
Copy link
Contributor

In the interest of keeping this simple I want to impliment this as follows.

L.featureLayer(url, {
  token: "AN_ACCESS_TOKEN"
})

This will set this.options.token on the object. Then whenever a request is made to the service that token should be added to the request params.

This approach will keep the code lightweight, simple and clear and allow developers to pick an choose their authentication mechanism. The disadvantage is that it will be more work for developers as we will not handle token generation or error handling when a token expires.
@aaronpk
Copy link
Contributor

aaronpk commented Sep 17, 2013

I like the simplicity of this. Maybe one way to handle the expired token problem is to provide a callback function that is executed when an expired token response is caught, giving the developer a chance to provide a new token.

L.featureLayer(url, {
  token: "AN_EXPIRED_ACCESS_TOKEN"
}, function(callback) {
  // This code is run if an expired token error is caught

  // Try to generate a new token by using the refresh token you've got lying around

  // Then run the callback function with the new access token, and Leaflet will re-try the request
  callback("NEW_ACCESS_TOKEN");
});

Leaflet could re-try the request with the new access token that was generated, so the whole process ends up being relatively seamless for the developer.

@patrickarlt
Copy link
Contributor Author

It might be easier to have things emit events when authentication fails.

var myLayer = L.featureLayer(url, {
  token: "AN_EXPIRED_ACCESS_TOKEN"
});

myLayer.on("authenticationfailure", function(e){
  // do something to get a new token

  // set the new token on the object
  this.options.token = theNewToken

  // the event can pass a retry method that will re-run the request with the new token
  e.retry();

  //or you could pass the new token to retry
  e.retry(theNewToken);
});

The problem with this is that some requests aren't requests at all. Things like tiles and map overlays just embed the token in the URL.

L.esri.tileLayer just has to call redraw so thats easy. But L.esri.dymanicMapLayer which extends ImageOverlay would need to implement a redraw method.

@patrickarlt
Copy link
Contributor Author

Actually its going to be impossible to know if authentication failed for L.esri.dymanicMapLayer or L.esri.tiledMapLayer since they just load images and don't give us error so we can only do this for Feature Layers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Enhancement
Projects
None yet
Milestone
Beta 3
Development

No branches or pull requests
2 participants
@aaronpk @patrickarlt