How can I use token auth "à la Nuxeo Drive" for using the REST API ?

I would like to use the REST API in a Shibboleth protected application. Our Nuxeo instance is also configured to use Shibboleth with the same Service Provider.

How can I use the Shibboleth credentials so that I can have a token for the current user just like when using Nuxeo Drive ?

There is little documentation about TOKEN AUTH and some things are not clear :

using the drive_login.jsp request works in my brower (redirects to Shib Auth and returns the token in the javascript function drive.create_account)

but using it in an HTTP requester does not work right from the start (401 : needs HTTP AUTH).

0 votes

2 answers

2147 views

ANSWER



If fact everything works fine, I only needed the right URL for authentification :

/nuxeo/authentication/token?applicationName=TEST&forceAnonymousLogin=true&deviceDescription=TEST&deviceId=TEST&permission=ReadWrite

Note : the (PHP) application is protected by Shibboleth (mod_shib) and uses the same Service Provider as Nuxeo so that the ajax call can be authentificated without user interaction.

Note : that makes it possible to build one page application in javascript only using the REST API … promising.

0 votes



Hello,

Does you HTTP client support / is configured for redirect? Indeed, the drive_login.jsp page is protected by the Nuxeo authentication filter which handles the redirection to the authentication page you've configured for the Nuxeo instance, in your case Shibboleth.

0 votes