Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

error when UserSession created with portal token attempts to exchange it for a server token #485

Closed
adepottey opened this issue Mar 13, 2019 · 5 comments
Closed

error when UserSession created with portal token attempts to exchange it for a server token #485

adepottey opened this issue Mar 13, 2019 · 5 comments
Labels
docs faq question

Comments

@adepottey
Copy link

I am hoping to use arcgis-rest-js in a middleware component. I have a REST endpoint that basically orchestrates a series of calls to GP and feature services. I get a user-generated token as a parameter and I just pass the token through on all of my service calls.

I am trying to construct a UserSession using the token, but I am getting an error with my logic. I think I probably need to set something else when I am creating the UserSession object but I am not sure what it could be. Any help with this would be appreciated.

Node version 8.12.0

Here is my code:

function onTokenTest(token, expire) {
    require("isomorphic-fetch");
    require("isomorphic-form-data");
    const arcgisRequest = require("@esri/arcgis-rest-request");
    const arcgisRest = require("@esri/arcgis-rest-auth");

    const testUrl =
        "https://my106server.esri.com/server/rest/services/Hosted/Plan_Template/FeatureServer";

    let session = arcgisRest.UserSession.deserialize(
        JSON.stringify({
            token: token,
            tokenExpires: expire,
            username: "routeCreator",
            portal: "https://my106server.esri.com/portal"
        })
    );

    arcgisRequest
        .request(testUrl, {
            authentication: session
        })
        .then(
            function(response) {
                console.log(response);
            },
            function(error) {
                console.log(error);
            }
        );
}

Here is the error:

{ [ArcGISAuthError: 498: Invalid token.]
  name: 'ArcGISAuthError',
  message: '498: Invalid token.',
  originalMessage: 'Invalid token.',
  code: 498,
  response: 
   { error: { code: 498, message: 'Invalid token.', details: [] } },
  url: 'https://my106server.esri.com/portal/sharing/rest/generateToken',
  options: 
   { httpMethod: 'POST',
     params: 
      { token: '<token>',
        serverUrl: 'https://my106server.esri.com/server/rest/services/Hosted/Plan_Template/FeatureServer',
        expiration: 20160,
        client: 'referer',
        referer: '@esri/arcgis-rest-js' },
     fetch: [Function: bound ] } }
@jgravois
Copy link
Contributor

hi @adepottey 👋

do you know what refer is passed as an argument when the token is first generated?

@jgravois
Copy link
Contributor

jgravois commented Mar 13, 2019
edited
Loading

the problem is indeed a result of the fact that Node.js applications that use this library pass along the generic referer header @esri/arcgis-rest-js when swapping a portal token for a server token and whatever call generated your own token included a totally different referer as a request parameter.

because of this i have a few suggestions:

  1. in Add a "headers" option to IRequestOptions #436 we landed the ability to set custom referer headers on requests from Node.js. right now these headers do not percolate down into the bowels of authentication, but they could. this would only be helpful if the developer knew what referer was passed as a request option when generating the original token.

  2. in feat: new UserSession tied to a non-federated ArcGIS Server instance #423 (comment) we landed the ability to create a session for an unfederated instance of ArcGIS Server. you might try exploiting this feature to try and trick rest-js into passing along the token you already have and skip the exchange entirely.

@adepottey
Copy link
Author

Thanks John, I was able to get this working in my test case using your second suggestion.

Here is my code:

function onTokenTest(token, expire) {
    require("isomorphic-fetch");
    require("isomorphic-form-data");
    const arcgisRequest = require("@esri/arcgis-rest-request");
    const arcgisRest = require("@esri/arcgis-rest-auth");

    const testUrl =
        "https://my106server.esri.com/server/rest/services/Hosted/Plan_Template/FeatureServer";


    let session = new arcgisRest.UserSession({
        token: token,
        tokenExpires: expire,
        username: "routeCreator",
        server: "https://my106server.esri.com/server"
    });

    arcgisRequest
        .request(testUrl, {
            authentication: session
        })
        .then(
            function(response) {
                console.log(response);
            },
            function(error) {
                console.log(error);
            }
        );
}

@jgravois
Copy link
Contributor

awesome. thank you for confirming.

i'm going to leave this ticket open as a reminder to add a code snippet to the API reference for UserSession as a breadcrumb for other developers in your 👡s.

@jgravois jgravois changed the title Create UserSession using token error when UserSession created with portal token attempts to exchange it for a server token Mar 13, 2019
@jgravois
Copy link
Contributor

8180b40

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
docs faq question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgravois @adepottey