Handle cookie-based tokens

This system uses two-step authentication, but instead of returning the token in the response body it returns it in a cookie — the same way a browser session would work. Subsequent requests must also send the token as a cookie. Additionally, the token request requires an Accept: */* header, and the response is not JSON.

Configuration

This scenario requires changes to the service instance configuration, action.json, and the response schema.

Service instance configuration

Update auth_field and auth_field_format in the authentication section so the token is placed in the Cookie header on subsequent requests.

"authentication": {
  "auth_method": "request_token",
  "username": "username",
  "password": "password",
  "token": "",
  "invalid_token_error": 401,
  "token_timeout": 180000,
  "token_cache": "local",
  "auth_field": "header.headers.Cookie",
  "auth_field_format": "gmsSessionID={token}"
}

action.json

Set responseDatatype to PLAIN since the token response is not JSON. Add an Accept: */* header to override the adapter library’s default Accept header.

{
  "name": "getToken",
  "protocol": "REST",
  "method": "POST",
  "entitypath": "{base_path}/{version}/authentication/login",
  "requestSchema": "tokenReqSchema.json",
  "responseSchema": "tokenRespSchema.json",
  "timeout": 0,
  "sendEmpty": false,
  "requestDatatype": "JSON",
  "responseDatatype": "PLAIN",
  "headers": {
    "Accept": "*/*"
  },
  "responseObjects": [
    {
      "type": "default",
      "key": "",
      "mockFile": "mockdatafiles/getToken-default.json"
    }
  ]
}

Response schema

Add a placement field set to "header" on the token property to tell the adapter library to look for the token in the response headers rather than the body. Set external_name to the specific header field that contains the cookie value.

{
  "$id": "respTokenSchema.json",
  "type": "object",
  "$schema": "http://json-schema.org/draft-07/schema#",
  "translate": true,
  "properties": {
    "ph_request_type": {
      "type": "string",
      "description": "type of request (internal to adapter)",
      "default": "getToken",
      "enum": ["getToken"],
      "external_name": "ph_request_type"
    },
    "token": {
      "type": "string",
      "description": "the token returned from the system",
      "placement": "header",
      "external_name": "set-cookie.gmsSessionID"
    }
  },
  "definitions": {}
}
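
The round trip these three settings describe, as an added example that is not the adapter library's own code: the gmsSessionID value is taken from the Set-Cookie response header, stripped of its cookie attributes, and written into the Cookie header of the next request. It assumes external_name is read as header name plus cookie name and auth_field as a dotted path into the request object; the function names and the sample header values are hypothetical and constructed.

```javascript
// Added illustration; not the adapter library's implementation.
// Constructed sample: Set-Cookie values as an array, one entry per cookie.
const sampleSetCookie = [
  'route=abc123; Path=/',
  'gmsSessionID=5f2c9e7a1b; Path=/; HttpOnly; Secure',
];

// Return the value of one named cookie from the Set-Cookie header(s).
function extractCookieToken(setCookie, cookieName) {
  const lines = Array.isArray(setCookie) ? setCookie : [setCookie || ''];
  for (const line of lines) {
    const pair = line.split(';')[0]; // "name=value" precedes Path, HttpOnly, ...
    const eq = pair.indexOf('=');
    if (eq === -1 || pair.slice(0, eq).trim() !== cookieName) continue;
    const value = pair.slice(eq + 1).trim();
    // Refuse empty values and anything that could split or inject a header.
    if (value === '' || /[\r\n;\s]/.test(value)) {
      throw new Error(`unusable ${cookieName} cookie value`);
    }
    return value;
  }
  // Fail closed rather than sending "gmsSessionID=undefined" downstream.
  throw new Error(`${cookieName} not found in Set-Cookie`);
}

// Apply auth_field_format and store the result at the dotted auth_field path.
function applyAuthField(request, authField, authFieldFormat, token) {
  const keys = authField.split('.');
  let node = request;
  for (const key of keys.slice(0, -1)) {
    if (typeof node[key] !== 'object' || node[key] === null) node[key] = {};
    node = node[key];
  }
  // Function replacer: "$" sequences in the token are not interpreted.
  node[keys[keys.length - 1]] = authFieldFormat.replace('{token}', () => token);
  return request;
}

// Assumed reading: "set-cookie.gmsSessionID" = header "set-cookie", cookie "gmsSessionID".
function buildAuthenticatedRequest(responseHeaders, externalName, authCfg) {
  const [headerName, cookieName] = externalName.split('.');
  const token = extractCookieToken(responseHeaders[headerName], cookieName);
  return applyAuthField({}, authCfg.auth_field, authCfg.auth_field_format, token);
}
```

Only the name=value pair is forwarded; attributes such as Path and HttpOnly are instructions to the client and do not belong in the outgoing Cookie header.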