I am running a Go server that generates JWT tokens. My original plan was to send the tokens using an http.Redirect using the token string as part of the url.
This doesn't appear to work because I'm using Firebase static hosting and hence only have client side routing.
How can I push my token? Headers maybe?
- I'm running my static SPA on 'example.firebaseapp.com' (A).
- I'm running my server that generates tokens on 'example.us-west-2.compute.amazonaws.com' (B)
- The cas server is running on 'https://login.example.edu/cas/' (C)
- There is also of course the user's computer (D)
The flow goes as follows
- User load website from static host (A)
- User on computer D clicks 'login through school' button and is directed to my server (B)
- B then redirects to cas server (C). User puts in his credentials and is redirected to computer B.
- Computer B then generates a token using a secret key and a uid.
-
This token needs to somehow be set back to the user
User would then call
ref.authWithCustomToken("AUTH_TOKEN", function(error, authData) {
Go Server Code
func (h *myHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
if !cas.IsAuthenticated(r) {
cas.RedirectToLogin(w, r)
return
}
if r.URL.Path == "/logout" {
cas.RedirectToLogout(w, r)
return
}
generatedToken := generateToken("uid") // token is created using a uid and a secret
redirectURL := websiteURL + generatedToken
println(redirectURL)
println(generatedToken)
http.Redirect(w, r, redirectURL, http.StatusFound) // I attempt to send the token using a redirect. This doesn't seem to work though since the static server only supports routing for '/'.
//html.WriteTo(w)
}