Sending Security Tokens with Request

10 posts, 0 answers
  1. Gary
    Gary avatar
    28 posts
    Member since:
    Apr 2011

    Posted 23 Jun 2012 Link to this post

    Is there a way to send tokens such as OAuth2 with the call to the ODataService?

    I can see that there may be a way of injecting headers in the client-side event

    OnRequesting but only if these are exposed in the args.set_Options object.



    Thanks

    Gary
  2. Genady Sergeev
    Admin
    Genady Sergeev avatar
    1596 posts

    Posted 28 Jun 2012 Link to this post

    Hi Gary,

    You can use the requesting event to extend the options object that is passed to the jQuery Ajax function. Here is short example:

    <script type="text/javascript">
            function requesting(sender, args) {
                args.get_options().beforeSend = function(xhr) {
                    xhr.setRequestHeader("Authorization", "GoogleLogin auth=" + token);
                }
            }
    </script>


    All the best,
    Genady Sergeev
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
  3. UI for ASP.NET Ajax is Ready for VS 2017
  4. Gary
    Gary avatar
    28 posts
    Member since:
    Apr 2011

    Posted 28 Jun 2012 Link to this post

    Fantastic, that makes a secure and state-less Web API usable with the ODataDataSource. I will prototype this shortly!

  5. Genady Sergeev
    Admin
    Genady Sergeev avatar
    1596 posts

    Posted 02 Jul 2012 Link to this post

    Hello Gary,

    Great news!

    We will be glad if you share some feedback how it is going.

    All the best,
    Genady Sergeev
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
  6. ddkcoder
    ddkcoder avatar
    1 posts
    Member since:
    Feb 2007

    Posted 29 Oct 2012 Link to this post

    Is there any more documentation on this functionality?  The reality is that most odata source exposed to the internet would require some sort of authentication.
  7. Genady Sergeev
    Admin
    Genady Sergeev avatar
    1596 posts

    Posted 02 Nov 2012 Link to this post

    Hi Gary,

    As stated earlier, we expose the options object that is latter transferred to HTTP Post parameters. This means that you can hook on the requesting event and add whatever authentication you want. We will soon post a help article on the topic and will update this thread with a link.

    Regards,
    Genady Sergeev
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
  8. Les
    Les avatar
    29 posts
    Member since:
    Feb 2011

    Posted 27 Feb 2013 Link to this post

    It would be of great help if the following help topic article was available:
    (Taken from the post below)
    "We will soon post a help article on the topic and will update this thread with a link."
  9. Gary
    Gary avatar
    28 posts
    Member since:
    Apr 2011

    Posted 27 Feb 2013 Link to this post

    It's actually simpler than I thought. We use a security Token here but you could use a user/password pair.
    Call this straight after logon and it will apply to all JQuery Ajax calls
    // Configure AJAX to have the security Token every call
      
    $.ajaxSetup({
             'beforeSend': function (xhr) {
                     xhr.setRequestHeader("Authorization", "Basic " + $.fac.settings.securityToken);
             }
     });

     

     

    Hope this helps.
    Gary
  10. Les
    Les avatar
    29 posts
    Member since:
    Feb 2011

    Posted 27 Feb 2013 Link to this post

    I learn more by example and you mentioned a user/password pair and that is what I am looking for now.
    How would you code the user/password in the setRequestHeader?
    Thank!
  11. Genady Sergeev
    Admin
    Genady Sergeev avatar
    1596 posts

    Posted 04 Mar 2013 Link to this post

    Hello Les,

    You simply need to add the security token as the value for the Authorization header. In turn, the security token should conform to the authentication type the underlying website is using. For example, the Basic authentication requires string in the format username:password that is encoded as Base64.

    Kind regards,
    Genady Sergeev
    the Telerik team
    If you want to get updates on new releases, tips and tricks and sneak peeks at our product labs directly from the developers working on the RadControls for ASP.NET AJAX, subscribe to their blog feed now.
Back to Top
UI for ASP.NET Ajax is Ready for VS 2017