Token validator

EvelynHernandez · ‎04-21-2016

Hello,

I need to know if theres a way of validate the token once u saved it in localStorage.

Right now im creating tokens with a certain duration (lets say 1day) and using them directly on the webservice.

So i need to know once u save it in a localStorage var how to validate if the token is already expired or not.

I was thinking to do this through ajax but i cannot figure out how to do it.

Until now i have something like this, i hope u guys can help me

function tokenValidator(t){

  const exampleUrl = "http://myserver/arcgis/rest/services/mylayer/sufolder/MapServer";
  const datat = {
    token: t
  };
  console.log(t);
  $.ajax({
    url: exampleUrl,
    dataType: 'json',
    data:  datat 
  })
  .done(isDone => {


      console.log(isDone);
      console.log("the token is still valid");


  })
  .fail(error => {
        console.log(error);
        console.log("token is not valid, redirect to login page");
  });
}

EvelynHernandez · ‎04-26-2016

Ok, it was that, Thanks for all ur help!

I finished my quest doing this.

For controlling the token expiration i used an event for the dynamic service that i was accessing.

Example: my layer has a refreshInterval =1;

So, in every minute it will be refreshed, but what happen if the token that allows me to update it is already expired?

To solve that i used:

interrClienteSED.on('update-end', (obj)=>{
    if(obj.error){
      console.log("Redirecting to login page, token for this session is ended...");
        window.location.href = "index.html";
    }
  });

So that will return an object that contains error if the update cannot be done or info if its still ok and it will be checking it every minute.

In my case i want to redirecto to the login page (index).

In the case if i go directly to my secondary page (the page after the login), I have to see if the token is still valid, then i just use my ajax call:

function tokenValidator(){
  var t = localStorage.getItem('token');
  const exampleUrl = "http://myservice/arcgis/rest/services/mylayer/MapServer";
  const datas = {
    token: t,
    f: "json"
  };
  console.log("in token validator");
  $.ajax({
    method: "POST",
    url: exampleUrl,
    dataType: 'html',
    data: datas
  })
  .done(isDone => {
     if (isDone.indexOf('Invalid Token') >= 0){
      console.log("redirect to login page from token validator...");
        window.location.href = "index.html";
    }else{
        console.log("everything is ok! u can continue doing what u are doing.");
    }
  })
  .fail(error => {
    console.log("token validator failure", error);
  });
}

I hope this helps to someone that has the same issue .

Thanks!

View solution in original post

DavidBlanchard · ‎04-22-2016

You should also be storing the tokens expiration in the local storage, this would allow you to first check whether it is expired without making a network request.

As for validating with ArcGIS for Server/ArcGIS Online, try fetching the definition of a secured service of folder. For example:

https://www.mydomain.com/arcgis/rest/services/securedService/FeatureServer?f=json&token=%token goes here%

If the token isn't valid, you'll get the following response:

{"error":{"code":498,"message":"Invalid Token","details":[]}}

EvelynHernandez · ‎04-25-2016

Oh thats true. I will try it and put the result here just in case if someone needs it.

About the ajax fetching the secured service folder, do u have any example for getting the "error" result? cuz i always get a "400" error.

DavidBlanchard · ‎04-25-2016

The only time I get a 400 error is when I have a malformed URL. Are you sure you have the parameters in the URL correctly set (starting with a question mark, separated by an ampersand)? Also, if you are sending a POST request instead of a GET request, the parameters need to be passed as data, not in the URL.

Otherwise, I would suggest to:

login to your rest directory
browser to the folder your are attempting to retrieve
add the ?token= parameter to the URL and navigate to the page, it should keep working
add the &f=json parameter to the URL and navigate again, it should keep working
change the token to invalidate it and navigate to the page, you should get an error object.

EvelynHernandez · ‎04-25-2016

Sorry it was 200, not 400.

For example i have the following:

function tokenValidator(){
  var t = localStorage.getItem('token');
  const exampleUrl = "http://myserver/arcgis/rest/services/mylayer/mysub/MapServer";
  const datas = {
    token: t
  };

$.ajax({
    method: "POST",
    url: exampleUrl,
    dataType: 'json',
    data: datas
  })
  .done(isDone => {
    console.log("token validator sucess", isDone);
     //if my token is still valid i keep the main app.

  })
  .fail(error => {
    console.log("token validator failure", error);
     //if i get the token is not valid i have to redirect my page to the login.
  });

}

In the console i have this:

token validator failure

object:

status: 200

statusText: ok

And i got the url where i want to access. But sometimes i got the login arcgis website.

DavidBlanchard · ‎04-25-2016

Try adding

f: "json"

to your datas object. ArcGIS for Server usually defaults to HTML unless specified otherwise. This parameter will tell ArcGIS to serve the results as JSON (f stands for format).

EvelynHernandez · ‎04-26-2016