I updated ember-simple-auth (ESA) to 2.0 version as explained its Migration section for 2.0. version and removed application.js authorizer:
# adapters/application.js
export default JSONAPIAdapter.extend(DataAdapterMixin, {
host: config.apiHost,
authorize(xhr) {
let { access_token } = this.get('session.data.authenticated');
if (isPresent(access_token)) {
xhr.setRequestHeader('Authorization', `Bearer ${access_token}`);
}
},
// allows the multiword paths in urls to be underscored
pathForType: function(type) {
let underscored = underscore(type);
return pluralize(underscored);
},
});
Authentication continued to work as needed. Then suddenly it was reported that the file upload was broken. After analyzing, I discovered that ESA version 2.1.0 I updated to recently, set the application adapter differently:
headers: computed('session.data.authenticated.access_token', function() {
let headers = {};
if (this.get('session.isAuthenticated')) {
headers['Authorization'] = `Bearer ${this.get('session.data.authenticated.access_token')}`;
}
return headers;
}),
As you see, there is no more authorize method. And the ember-active-storage uses this new way for authenticated headers.
When I replace the authorize method with headers CP, I fail to pass the authentication, the browser is running in an endless loop…
When using the previous working ESA version, here is what I have in the Local Storage:
ember_simple_auth-session:"{"authenticated":{"authenticator":"authenticator:oauth2-implicit-grant","access_token":"Xxxx","token_type":"Bearer","expires_in":"7199"}}"
Nothing at all with the latest implementation that uses headers.
What’s wrong with that? Even ESA dummy app uses the same implementation. Any idea? Thank you.