I am building a mobile backend service which will be sucured by SSL self-signed certificate. To make API call, client has to pass client certificate and key provided to them. Here is my server side code
var fs = require('fs');
var express = require('express');
var https = require('https');
var uuid = require('node-uuid');
var app = express();
var securityOptions = {
key: fs.readFileSync('server.key'),
cert: fs.readFileSync('server.crt'),
ca: fs.readFileSync('ca.crt'),
requestCert: true
};
app.get("/", function(req, res){
res.sendFile('index.html',{
root: '.'
});
});
app.get("/quiz", function(req, res){
if (req.client.authorized) {
res.writeHead(200, {"Content-Type": "application/json"});
res.end('{"quiz":"flag"}');
} else {
res.writeHead(401, {"Content-Type": "application/json"});
res.end('{"status":"denied"}');
}
});
var secureServer = https.createServer(securityOptions, app);
secureServer.listen(3000, function(){
console.log('Server is running on port 3000...');
});
I tested the API /quiz using curl and it works perfectly.
curl -k --key client.key --cert client.crt https://localhost:3000/quiz
OUTPUT : {"quiz":"flag"}
Now I need to consume same service from an angular module. Below is my client code. But I am getting 401 Unauthorized error which is obviouse as I am not passing client certificate and key. I searched in internet but could not find a way to pass them. Can anyone please help ?
<!doctype html>
<html ng-app='mobile'>
<head>
<title>Hello AngularJS</title>
<script src="http://ift.tt/1eDffUg"></script>
</head>
<body>
<div ng-controller="RestController">
<button ng-click="getdata()">Click</button>
</div>
</body>
<script type="text/javascript">
angular.module('mobile',[])
.controller('RestController', ["$scope", "$http", function($scope, $http){
$scope.getdata = function(){
$http.get("https://localhost:3000/quiz")
.success(function(data){
alert(data);
}) ;
}
} ] );
</script>
</html>
Aucun commentaire:
Enregistrer un commentaire