[英]What's the best way to handle external unreachable service for SPA?
For a personal project, I'm developing a portal that provide some services only to connected users.对于个人项目,我正在开发一个仅向连接用户提供一些服务的门户。 When you are not connected you are redirected to keycloak that manages the authentication flow (login, password recovery, ....) and redirects to my angular app with a token, then for each call to my webservice i provide the token that is verified for each request between my webservice and keycloak.
当您未连接时,您将被重定向到管理身份验证流程(登录、密码恢复等)的 keycloak,并使用令牌重定向到我的 angular 应用程序,然后对于我的网络服务的每次调用,我都会提供经过验证的令牌对于我的网络服务和 keycloak 之间的每个请求。
I designed my app as follow: (really simple view)我设计了我的应用程序如下:(非常简单的视图)
The problem I have is that my angular app has a big dependency to Keycloak and my webservice.我遇到的问题是我的 angular 应用程序对 Keycloak 和我的网络服务有很大的依赖关系。 I would like my app to be resilient and be prepared if at least keycloak and/or my webservice is offline and ideally if any error or unwanted behavior happens (ex: error 500)
如果至少 keycloak 和/或我的网络服务处于离线状态,并且理想情况下发生任何错误或不需要的行为(例如:错误 500),我希望我的应用程序具有弹性并做好准备
I see several things I could do:我看到了我可以做的几件事:
Those are the ideas I have right now but i'm not sure it's the right way.这些是我现在的想法,但我不确定这是正确的方法。
I didn't find any relevant tutorial or article explaining how to do this properly (maybe i'm using bad keywords)我没有找到任何相关的教程或文章解释如何正确执行此操作(也许我使用了错误的关键字)
Do you have an idea?你有想法吗?
I believe the best way to go with is the interceptor where you can handle different errors.我相信 go 的最佳方法是拦截器,您可以在其中处理不同的错误。 For instance:
例如:
@Injectable()
export class RequestInterceptor implements HttpInterceptor {
intercept (request: HttpRequest<any>, next: HttpHandler) : Observable<HttpEvent<any>> {
return next.handle(request).pipe(
catchError(error => {
if (error.status === 0) {
// Handle unreachable server
}
if (error.status === 401) {
// Handle unauthenticated user
}
if (error.status === 500) {
// Handle server error
}
return throwError(error);
})
);
}
}
Checking in loop if server is reachable would cause a lot of unwanted traffic on your backend and I'm not sure if this is the solution you want to go with since you can have scaling problems if application takes off.如果服务器可访问,则循环检查会导致后端出现大量不需要的流量,我不确定这是否是您想要 go 的解决方案,因为如果应用程序起飞,您可能会遇到扩展问题。
You can implement "healthcheck" before redirection, but I don't see a reason for this check in the loop.您可以在重定向之前实施“健康检查”,但我没有在循环中看到此检查的原因。 You can do it once, before actual redirect only.
您只能在实际重定向之前执行一次。 But that is still naive test, because there can be error during user request handling and you want be able to cover it from the SPA.
但这仍然是一个幼稚的测试,因为在用户请求处理期间可能会出现错误,并且您希望能够从 SPA 中覆盖它。
401 is not a problem with unavailability. 401不是不可用的问题。 That is an info that request is
Unauthorized
.这是请求
Unauthorized
的信息。 You will get this info from the webservice, when you use expired token usually.当您通常使用过期令牌时,您将从 Web 服务获取此信息。 It is not right to redirect user to Keycloak login page in this case.
在这种情况下,将用户重定向到 Keycloak 登录页面是不对的。 There should be already in the place silent renew, which is watching expiration and it will "refresh" token before expiration.
应该已经有静默更新,它正在观察到期,它将在到期前“刷新”令牌。 Standard OIDC angular libraries offer this feature out of the box ( my favorite lib as well: )
标准 OIDC angular 库提供开箱即用的此功能( 我最喜欢的库也是:)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.