1

I am attempting to retrieve a WWW-Authenticate response header to grab OAUTH realm information from a site. To do this, I'm issuing the following call in JavaScript:

$.ajax(
{
    url: "https://server/resource.svc",
    type: "GET",                    
    beforeSend: function(xhr){
        xhr.setRequestHeader("Authorization", "Bearer");
    },
    headers: { "Authorization":"Bearer" }
})
.done(function(data,textStatus,jqXHR) { 
    alert(jqXHR.getResponseHeader('WWW-Authenticate')); 
})
.fail(function(jqXHR,textStatus,errorThrown) { 
    alert(jqXHR.getResponseHeader('WWW-Authenticate')); 
})

In fiddler I can see that the initial response from the server contains the WWW-Authenticate header I am expecting. However, my .ajax() call results in a total of 4 calls to the server (as it attempts to negotiate authentication) and only the headers from the last call are available at the time the .done or .fail method runs. By that point, the WWW-Authenticate header is not available.

So, is there a way to hook into the back-and-forth communications so the headers from that initial response can be retrieved?

Damon
  • 86
  • 4
  • 1
    don't you need Bearer token in Authorization header? https://developers.google.com/gmail/markup/actions/verifying-bearer-tokens – Roman Nov 11 '14 at 13:48
  • Not for this request -- I'm not trying to successfully authenticate. I'm just trying to get the realm information contained in the response from the request. I'm actually expecting to receive a 401 response for the request. – Damon Nov 11 '14 at 14:28

0 Answers0