Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to bypass the AuthHttpInterceptor on a per-request basis #658

Open
5 tasks done
iragsdale opened this issue Nov 5, 2024 · 0 comments
Open
5 tasks done

Ability to bypass the AuthHttpInterceptor on a per-request basis #658

iragsdale opened this issue Nov 5, 2024 · 0 comments
Labels
feature request A feature has been asked for or suggested by the community

Comments

@iragsdale
Copy link

Checklist

  • I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
  • I have looked into the API documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Describe the problem you'd like to have solved

I have some requests that I'd like to bypass the Auth0 AuthHttpInterceptor, and skipping them by matching on URL string using a uriMatcher in the configuration isn't ideal.

It is possible to match these endpoints by their URL strings, but that requires configuring the interceptor in a completely separate area of code from where this is necessary, making the code difficult to understand. And while our current use case doesn't require the ability to do that based on any other state, I could easily imagine a situation where we might want to skip the interceptor based on some condition other than the URL of the endpoint in use.

Describe the ideal solution

Ideally it would be possible to mark a request to be skipped by adding an HttpContextToken to the request context, as described here: https://bradleycarey.com/posts/bypass-angular-interceptor/. This would take just a few lines of code, would be easy to test, and solves the problem in a very simple way.

If the maintainers are interested in adding this functionality, I might be willing to create a PR myself.

Alternatives and current workarounds

It would certainly be possible for us to implement this on our own by wrapping the AuthHttpInterceptor in our own interceptor, and I've considered doing that instead of URL matching. If the maintainers of this library would prefer not to build this in, we may end up doing that for our app in the future. But this seems like such a simple and powerful improvement to the functionality of the base library that I'd like to avoid having to do that.

Additional context

No response
@iragsdale iragsdale added the feature request A feature has been asked for or suggested by the community label Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request A feature has been asked for or suggested by the community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@iragsdale