SecureSocial and Deadbolt integration

[Jorge Aliss]

Hi All,

I just added some changes to SecureSocial that allow easy integration
with the Deadbolt module.
Let me know what you think.

Thanks,
Jorge

[Rakesh Waghela]

Example ? Details ? Usecase ?

[Jorge Aliss]

Looks like I sent the announcement without the link :-)

There is a sample app that shows the integration. If you downloaded
the module look in the samples-and-tests directory or check it out on
GitHub: https://github.com/jaliss/securesocial/tree/master/samples-and-tests/deadbolt-integration.

Jorge

On Fri, Nov 25, 2011 at 12:57 PM, Rakesh Waghela <java...@gmail.com> wrote:
> Example ? Details ? Usecase ?
>

> --
> You received this message because you are subscribed to the Google Groups
> "play-framework" group.
> To view this discussion on the web visit
> https://groups.google.com/d/msg/play-framework/-/cYZsiL5i118J.
> To post to this group, send email to play-fr...@googlegroups.com.
> To unsubscribe from this group, send email to
> play-framewor...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/play-framework?hl=en.
>

[Olivier Refalo]

I am new to OAuth. I see that most providers require to validate the domain from which the application will run.

How does a developer would set this up ? In other words... I can I run the authentication from the localhost ?

[Jorge Aliss]

Some providers (eg: facebook) will not work from localhost. Basically
you have two options:

1) Use something like Dyndns to create a domain that is mapped to the
IP your ISP gives you. This is what I use.

2) Host your the app in a server and use the app from there. I hosted
the demo for SecureSocial on OpenShift for example.

Jorge

> --
> You received this message because you are subscribed to the Google Groups
> "play-framework" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/play-framework/-/NYHdyWT4f5kJ.

[Marius Soutier]

I think Facebook works with either 127.0.0.1 or the .local domain (if you dev on Mac).

[Jorge Aliss]

Facebook only redirects to the URL specified in the application
registration. Using localhost or 127.0.0.1 might work (I have not
tried it myself) but that would mean the app can only be used in the
same machine the play server is running.

Also, Google won't work in this case because you need to verify your
domain and you need a publicly accessible URL for that.

Jorge

[Marius Soutier]

On 02.12.2011, at 15:05, Jorge Aliss wrote:

> Facebook only redirects to the URL specified in the application
> registration. Using localhost or 127.0.0.1 might work (I have not
> tried it myself) but that would mean the app can only be used in the
> same machine the play server is running.

It redirects in the browser, so it will point to your machine, which is usually enough for development (that's how I understood the question).

[Olivier Refalo]

Thank you for the clarification, I can confirm that yahoo also doesn't work with a local domain.

... hum... kind of limiting to develop with OAuth enabled. I remember playing with RPXnow and having no issues.

[Jorge Aliss]

Yes, Facebook might work (I have not tried with localhost) if you
specify "localhost" in your callback url when the app is registered.
But for Google will not because it needs to verify your domain thus
the URL needs to be accesible on the Internet.

Other providers such as Twitter, Wordpress and MyOpenID will work with
localhost just fine.

Jorge

[Jorge Aliss]

The problem is that some providers only redirect back to the callback
URL you set when registering the app. Have you tried registering
"localhost" in yahoo?

Using Dyndns was the best in my case because I can just configure my
router to update the domain with the IP address that my ISP gives.
It would be more complex on a corporate network.

Do you need to use all the providers in development?

> --
> You received this message because you are subscribed to the Google Groups
> "play-framework" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/play-framework/-/cmzOeWIjY_sJ.

[DanInDC]

I've gotten around this by adding a /etc/hosts file entry so whatever
i registered my callback in the facebook app would point to 127.0.0.1.

[Olivier Refalo]

I have, they want a certified domain.

No big deal I'll stick to another provider for development purposes.

[Jorge Aliss]

That is another option, however Google will not work in this case.

[Olivier Refalo]

ok,  problems... 3 hours spent on this module.. I am on the verge of giving up

it's not a technical issue... it's really documentation.

Since most providers have multiple ways to create applications and authentication mechanism, It would be a great idea to create a wiki with basic setup instructions.

I got the following list from project socialauth

• Google (show screenshot) - http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html
• Yahoo (show screenshot) - https://developer.apps.yahoo.com/dashboard/createKey.html
• Twitter - http://twitter.com/apps
• Facebook - http://www.facebook.com/developers/apps.php
• Hotmail (show screenshot) - http://msdn.microsoft.com/en-us/library/cc287659.aspx
• FourSquare - (show screenshot) - https://foursquare.com/oauth/
• MySpace - (show screenshot) - http://developer.myspace.com/Apps.mvc
• Linkedin - (show screenshot) - https://www.linkedin.com/secure/developer

Does this list apply to your project ?

I tried google with a localhost URL and I am still stuck.  Maybe a section on how can developers test the sample with their own keys would be a good idea ?

[Jorge Aliss]

Olivier,

There's always room for improvement. I am sorry you spent 3 hours
without success. The documentation currently does not have the steps
for each provider. I thought about it but I did not have time to
write more.

Keep in mind that for all the OAuth (1 or 2 of course) providers you need to:

1) Go to the developer site of the service (eg: facebook, twitter,
etc). Fill a form with your app details and then you get the values
needed in your application.conf. It should not be too difficult.

2) If we document the steps to register the app in all the services
then we also need to make sure the docs are up to date if there are
any changes in those 3rd party services. You mentioned you're new to
OAuth, I'm sure once you get a bit more familiar with it you'll notice
they all follow the same "pattern" of application registration.
Again, documentation would be nice, but I don't have much free time
lately.

You said Google does not work with localhost on your last email. This
is correct, I said so in my previous emails. Google needs to verify
your domain and for that you have to do some steps to show you control
it. So if your app is not accesible on the Internet you cannot make
it work.

However, Twitter should work with localhost fine. Can you double
check the values for your app? Also, make sure you enter a callback
URL. You need a value there, try http://localhost. I have used
Twitter with localhost in my environment.

Also, there is a previous email on the thread where they suggested
adding values in your /etc/hosts file to make the redirection work.
Did you try that? That can help with Facebook for example.

Jorge

> --
> You received this message because you are subscribed to the Google Groups
> "play-framework" group.
> To view this discussion on the web visit

> https://groups.google.com/d/msg/play-framework/-/ZuTMxqJH_0sJ.

[Olivier Refalo]

Jorge, thanks for the details.

I got most of your steps, the confusion comes from the return url, I think. 

Also, (for twitter) , it's confusing:

there is a Consumer key, Consumer secret.. but then also, an access token & access token secret.

Actually, thinking about all of this, localhost is probably not a good option - I remember having issues with cookies when use with local host.

Will give it another 3h ;-)