Design advice on how to OAuth backoffice custom section against 3rd party API
Hi,
I'm building a backoffice application/ section that is a tree controller when the trees are clicked I need to authenticate against a 3rd party using OAuth.
So you login normally and can see my new section along with all the others, when you start clicking the tree controller nodes it starts using the 3rd party API which requires OAuth.
What would be the best way of implementing OAuth for my new custom section?
I was thinking of pushing it into the angular controllers put I'm struggling with the return URL. I also need a way that if the API fails because of a expired token to then go back through the process.
I was thinking of letting all my tree nodes redirect to a authenticate view:
here I'd call out to the 3rd party with a Ajax post.
If successful, I'd then redirect to the normal view with access to the token.
However it's the return URL I'm struggling with..
Anyone attempted anything like this?
The other idea would be to hijack the normal login process and add the OAuth to that. So a user logging in would have to be successful with the normal umbraco login and the 3rd party OAuth.
Guess I'm just looking for a little guiding and I'll try and run with it. I'm at a stage that I don't want to go down a path for 2 weeks and it just not be possible.
If I click my new section:
http://local.testsite01/umbraco/#/mySection
,and when I load my treecontroller and I don't have a AccessToken, I hide all the options and just provide a 'Connect' option, like:
So on the load of that view the angular posts off to a backend controller which then starts the process. After the standard oAuth calls, it then redirects me back to the root of my Section:
http://local.testsite01/umbraco/#/mySection
The TreeController rebuilds itself, but this time it's got a AccessToken so can build to 'real' tree/ menu.
I'll need to consider if/ when the access token expires. I'll prob redirect to the root and ask for a reconnect but it's not the best user experience.
So I've decided to change the way I manage the oAuth process. I'm now triggering the process from the click of the new section, I've done this by adding the following to the dashboard.config file:
Auth.html, loads it's controller which then on the load kicks off the oAuth process if it doesn't have a Access Token. When it's complete it redirects back to the root. Main drawback to this approach is you get a flicker when the page is refreshing with the token. However it means every catalog tree doesn't have to deal with it.
Design advice on how to OAuth backoffice custom section against 3rd party API
Hi,
I'm building a backoffice application/ section that is a tree controller when the trees are clicked I need to authenticate against a 3rd party using OAuth.
So you login normally and can see my new section along with all the others, when you start clicking the tree controller nodes it starts using the 3rd party API which requires OAuth.
What would be the best way of implementing OAuth for my new custom section?
I was thinking of pushing it into the angular controllers put I'm struggling with the return URL. I also need a way that if the API fails because of a expired token to then go back through the process.
I was thinking of letting all my tree nodes redirect to a authenticate view:
http://local.testsite1/umbraco#/myApp/Catalog/oAuth/product
which would direct me to
~/App_Plugins/myApp/BackOffice/Catalog/oAuth.html
here I'd call out to the 3rd party with a Ajax post.
If successful, I'd then redirect to the normal view with access to the token. However it's the return URL I'm struggling with..
Anyone attempted anything like this?
The other idea would be to hijack the normal login process and add the OAuth to that. So a user logging in would have to be successful with the normal umbraco login and the 3rd party OAuth.
Guess I'm just looking for a little guiding and I'll try and run with it. I'm at a stage that I don't want to go down a path for 2 weeks and it just not be possible.
Any ideas or reply's would be great
Thanks Rob
OK so I've kind of gone with the first idea,
If I click my new section: http://local.testsite01/umbraco/#/mySection ,and when I load my treecontroller and I don't have a AccessToken, I hide all the options and just provide a 'Connect' option, like:
This redirects to
~/App_Plugins/myApp/BackOffice/Catalog/oAuth.html
So on the load of that view the angular posts off to a backend controller which then starts the process. After the standard oAuth calls, it then redirects me back to the root of my Section: http://local.testsite01/umbraco/#/mySection
The TreeController rebuilds itself, but this time it's got a AccessToken so can build to 'real' tree/ menu.
I'll need to consider if/ when the access token expires. I'll prob redirect to the root and ask for a reconnect but it's not the best user experience.
Hi Again,
Some more ramble...
So I've decided to change the way I manage the oAuth process. I'm now triggering the process from the click of the new section, I've done this by adding the following to the dashboard.config file:
Auth.html, loads it's controller which then on the load kicks off the oAuth process if it doesn't have a Access Token. When it's complete it redirects back to the root. Main drawback to this approach is you get a flicker when the page is refreshing with the token. However it means every catalog tree doesn't have to deal with it.
is working on a reply...