ConfigureAuthenticationPatterns

Dynamic token per domain

This system authenticates on a per-domain basis. Every call must be authenticated within the domain it targets, and that domain changes per request.

Because the domain is dynamic, it must be passed into the adapter method on each call and injected into the authData object of the request. The adapter library is already prepared to handle this — no changes to the library are needed — but code changes in adapter.js and pronghorn.json are required.

Configuration

adapter.js

Add a parameter to each method that needs domain-based authentication (in this example, domainVar) and set it in the authData object on the reqObj. The adapter library will include this data in the authentication request body.

1getMyData(query, domainVar, callback) {
2
3  // ...
4
5  const reqObj = {
6    payload: { garbage: 'need since post' },
7    uriPathVars: [groupId, deviceId],
8    uriQuery: { name: 'anyname' },
9    uriOptions: { page: 2 },
10    addlHeaders: { audit: 'turnOn' },
11    authData: {
12      domain: domainVar
13    },
14    callProperties: {
15      stub: true,
16      request: {
17        attempt_timeout: 60000
18      }
19    },
20    filter: '[*name=doggie]'
21  };

pronghorn.json

Add the corresponding input parameter to each affected method in pronghorn.json so the domain value can be passed in from anItential Platform workflow.

1{
2  "name": "getMyData",
3  "summary": "get my data from blah",
4  "description": "get my data from blah",
5  "input": [
6    {
7      "name": "query",
8      "type": "object",
9      "info": "object containing query fields",
10      "required": false,
11      "schema": {
12        "title": "query",
13        "type": "object"
14      }
15    },
16    {
17      "name": "domainVar",
18      "type": "string",
19      "info": "the domain to send for authentication",
20      "required": true,
21      "schema": {
22        "title": "domainVar",
23        "type": "string"
24      }
25    }
26  ],
27  "output": {
28    "name": "result",
29    "type": "object",
30    "description": "A JSON Object containing status, code and the result"
31  },
32  "route": {
33    "verb": "POST",
34    "path": "/getMyData"
35  },
36  "roles": ["admin"],
37  "task": true
38}