OAuth1 from multiple domains.

Gonil Rho

Jul 12, 2016, 4:54:09 AM
to Silhouette
I set up multiple domains for a single Play application, and I am trying to authenticate with OAuth1 (Twitter)
(e.g. my-domain1.com & my-domain2.com pointing to one back-end Play server like 127.0.0.1:9000)


If I authenticate from my-domain1.com, it works great.
But when I try to authenticate from my-domain2.com, Silhouette complains like this:
--------------------------------------------------------------------
OAuth1TokenSecretException: [Silhouette][CookieSecretProvider] Secret cookie doesn't exists for name: OAuth1TokenSecret
--------------------------------------------------------------------

I thought the callbackURL must have the 'same' host (domain) as the caller, so I started looking for a way to set a domain-dependent callbackURL parameter.


After a few hours,
I found that OAuth1Provider tries to resolve the callback URL from a relative path when requesting the access token:

case _ => service.retrieveRequestToken(resolveCallbackURL(settings.callbackURL)).flatMap { info =>


So I changed my callbackURL parameter to a relative one: "http://my-domain1.com/auth/oauth1/twitter"   =>   "/auth/oauth1/twitter"
And it fails too.....

And I finally found it!! PlayOAuth1Service doesn't use the resolved URL; it just uses the URL from the settings (silhouette.conf).

override def retrieveRequestToken(callbackURL: String)(implicit ec: ExecutionContext): Future[OAuth1Info] = {
  // The callbackURL argument is not used here; settings.callbackURL is passed instead.
  Future(service.retrieveRequestToken(settings.callbackURL)).map(_.fold(
    e => throw e,
    t => OAuth1Info(t.token, t.secret)))
}


Am I on the right track?
Or should I solve this another way?

Please help me...

Christian Kaps

Jul 12, 2016, 5:52:37 AM
to Silhouette
Hi,

you should override the configuration locally as described in the docs. But note, this functionality doesn't work as expected in version 3 of Silhouette. You should use version 4 instead.

Best regards,
Christian

Gonil Rho

Jul 12, 2016, 8:11:55 AM
to Silhouette
Oh, thx master!!

It works like a charm.

I did it like below..

p.withSettings{config =>
  val oldUrl = URI.create(config.callbackURL)
  val scheme = if (request.secure) "https://" else "http://"
  val newUrl = URI.create(scheme + request.host + oldUrl.getPath).toString
  config.copy(callbackURL = newUrl)
}.authenticate.flatMap { ...


thx again!
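
The withSettings snippet in the last post builds the callback URL from request.host, which comes from the client-supplied Host header. As an added example (not part of the thread and not Silhouette code), one way to restrict that value to known hosts before using it; `CallbackUrls`, `allowedHosts` and `forRequest` are hypothetical names, and the host list is an assumption based on the placeholder domains in the thread.

```scala
import java.net.URI

// Added example, not Silhouette code. All names here are hypothetical.
object CallbackUrls {

  // Assumption: the application is served from a fixed, known set of hosts.
  val allowedHosts: Set[String] = Set("my-domain1.com", "my-domain2.com")

  /** Rebuild the configured callback URL for the host the request arrived on.
    *
    * @param configured callbackURL from silhouette.conf (absolute or relative)
    * @param host       request.host, i.e. the client-supplied Host header
    * @param secure     request.secure
    * @return Right(url) for an allowed host, Left(reason) otherwise
    */
  def forRequest(configured: String, host: String, secure: Boolean): Either[String, String] = {
    // Accept only "name" or "name:digits"; anything else fails the allowlist check.
    val (name, port) = host.trim.toLowerCase.split(":", -1) match {
      case Array(n)                                          => (n, None)
      case Array(n, p) if p.nonEmpty && p.forall(_.isDigit) => (n, Some(p))
      case _                                                 => ("", None)
    }
    if (!allowedHosts.contains(name)) Left(s"host not allowed: $host")
    else
      // Keep only the path of the configured URL, as the snippet in the thread does.
      Option(URI.create(configured).getPath).filter(_.startsWith("/")) match {
        case None => Left(s"callbackURL has no absolute path: $configured")
        case Some(path) =>
          val scheme    = if (secure) "https" else "http"
          val authority = port.fold(name)(p => s"$name:$p")
          Right(s"$scheme://$authority$path")
      }
  }
}

object Demo extends App {
  // Constructed sample inputs.
  val conf = "http://my-domain1.com/auth/oauth1/twitter"
  println(CallbackUrls.forRequest(conf, "my-domain2.com", secure = true))
  println(CallbackUrls.forRequest(conf, "my-domain2.com:9000", secure = false))
  println(CallbackUrls.forRequest(conf, "unknown.example", secure = true))
}
```

Inside withSettings, a Right value would be passed to config.copy(callbackURL = ...) and a Left would abort the request. Play's AllowedHostsFilter (play.filters.hosts.allowed) applies the same kind of restriction application-wide.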