I’m trying to figure out how to integrate token based auth/authz with untangled-websockets, can anyone share knowledge about how I can achieve this? I’ve starred at it for awhile and it’s probably better to ask you guys before I dig in further. Thanks

@juno: @mahinshaw wrote those bits....he's out right now but I'm sure he can give you some tips when he gets back

thank you Tony.

@juno: We are using Websockets with OAuth here. So it’s likely that there is some overlap

I just added an endpoint that validaties the token, and sets cookies, which in turn get validated through our ring reqests

On the Server end we use: https://github.com/untangled-web/untangled-server/blob/master/src/untangled/server/impl/components/access_token_handler.clj to validate tokens

Cookies are set because websockets do not allow for custom headers, which is where we would have liked to put the token. The query params is also an option (albeit a less secure one) and there are hooks in untantlged-websockets for doing that.

I did go in the direction of writing my own handler which handles the composing of a new hander to the pre-hook. I’ll give another shot on query params as an option for now. I just want to see if I can get this working. Thank you. I’ll hit you up later if I have more unknowns 😃

Sounds good.