cancel
Showing results for 
Search instead for 
Did you mean: 

How to get XSUAA token when using Angular as Frontend

SilasCosta
Participant
0 Kudos
600

Hi all, I have one application with the Backend and Frontend in two different applications also they do build and deploy separetly then we have two different URLS we have the Services Url and the Application Url.

I'm using in the front end Angular 9 and Java in backend, the problem is that i can not access the services from backend because I can not take the current session token from the logged user.

Do you know some how in Angular can i get the token from the current session and put in one Interceptor ?

I have done one thing but this does not work and is not secure because all my credentials stay visible to all users.

Can someone give me some help?

lucasvaccaro
Product and Topic Expert
Product and Topic Expert
0 Kudos

When using OAuth, usually you don't handle the token exchange in the browser because of security reasons, but you may consider the Implicit Grant. On Cloud Foundry, with the The XSUAA Programming Model, you can deploy your Angular app along with an Application Router, which handles the OAuth flow (Authorization Code Grant) for you and injects the XSUAA token in the requests to the backend app.

SilasCosta
Participant
0 Kudos

lucasvaccaro At this moment I'm already using the XSUAA and the Approuter the problem here is that I can logon in the app but the backend services are not receiving the token, so because of this I just receive as response the 401 return code. I think the token should be in all calls since we are logged in right ? Do you think that maybe should be a missconfiguration in the Backend ?

lucasvaccaro
Product and Topic Expert
Product and Topic Expert
0 Kudos

silasd23 Did you set forwardAuthToken=true? See this: Application Routes and Destinations

SilasCosta
Participant
0 Kudos

Thanks for your fast feedback!

folow my manifest:

as you can see in my manifest, I'm doing the Forward Authentication. This manifest just creates the Backend service app and the Approuter.

this is the manifest used to create the Frontend Angular app:

this is my Xs-app.json from my Angular app:

lucasvaccaro
Product and Topic Expert
Product and Topic Expert

Hi Silas, I think that the first 2 images are broken. But I see in the xs-app that you have only 1 route, where probably the localDir contains the Angular app. I'd expect to see 2 routes at least. One pointing to the localDir for the web app, and another pointing to the backend through a destination. Example, suposing that all "/api" calls should be sent to the java app:

"source": "^/api/"
"target": "/"
"destination": "<name of the destination>"

Accepted Solutions (0)

Answers (0)