defaultHeadersForTokenRequests not working for updateToken()

[pllamena]

Hello,

@groenlid - @RWOverdijk suggested I should pin you to this issue.

Setting the defaultHeadersForTokenRequests seems to work for the login() method, but not for updateToken(). All the parameters are missing from the updateToken request, which also happens for the initial token request made by login() if I remove the defaultHeadersForTokenRequests: {'Content-Type': 'application/x-www-form-urlencoded'} line.

Here is my set up:

foo
  .plugin('aurelia-api', configure => {
    configure
      .registerEndpoint('auth', environment.apiEndpoint, {headers: {'Content-Type': 'application/x-www-form-urlencoded'}})
      .registerEndpoint('protected-api', environment.apiEndpoint)
      .setDefaultEndpoint('protected-api')
  })
  .plugin('aurelia-authentication', baseConfig => {
    baseConfig.configure({
      endpoint                      : 'auth',
      configureEndpoints            : ['auth', 'protected-api'],
      defaultHeadersForTokenRequests: {'Content-Type': 'application/x-www-form-urlencoded'},
      loginUrl                      : 'token',
      authHeader                    : 'Authorization',
      authTokenType                 : 'Bearer',
      httpInterceptor               : true,
      accessTokenProp               : 'access_token',
      useRefreshToken               : true,
      clientId                      : 'XXXXXXXX',
      refreshTokenUrl               : 'token',
      refreshTokenProp              : 'refresh_token',
      refreshTokenSubmitProp        : 'refresh_token',
      autoUpdateToken               : true,
      storage                       : 'localStorage',
      loginRedirect                 : '#/home',
      logoutRedirect                : '#/home',
      getExpirationDateFromResponse : (response => {
        if (response && response.expires_in) {
          return (new Date().getTime() + response.expires_in * 1000) / 1000
        }
      })
    })
  })

If you login and refresh the page, updpateToken() is called, but since it doesn't attach any parameters to the token request, authentication fails and the user gets logged out.

Am I missing something? Please let me know if more details are needed!

Thank you!

[RWOverdijk]

I've slightly changed your description (removed some typos and made the code snippet prettier).

@groenlid you worked on this, correct? Do you have any input on this issue? :)

[pllamena]

Thank you, @RWOverdijk!

I have been trying to find a work around this week, but I haven't got anywhere with it yet.

Any input will be much appreciated! :)

Thank you again!

[RWOverdijk]

I think @groenlid is mia. I'll pin this to my own inbox and see if I can find time to tackle this.

[pllamena]

Thank you @RWOverdijk !

[RWOverdijk]

If you find the solution in the meantime, that'd be even better obviously :D

[pllamena]

Hi @RWOverdijk,

Good news - defaultHeadersForTokenRequests works! Since the token endpoint was working outside the Aurelia App & removing defaultHeadersForTokenRequests broke the initial login (which was only due the default format being JSON), I had assumed it was the front end that was causing the error. Turned out I had to make adjustments in the token generation for it to accept requests from the App and everything works now.

Thank you for responding to my comment and the issue!

[RWOverdijk]

Oh I'm glad you solved it :)