SocialAuth & Tomcat - as well as limited data request
67 views
Skip to first unread message
badvad
May 9, 2011, 4:26:06 AM5/9/11
to socialauth-users
Hi all
I have only got as far as messing around with this and not got down to
implementation of this..
My questions:
1) After messing with the demo I found it asked for more information
compared to normal openid connection
i.e. standard openid google returns 3rd party wants to use email
address
socialauth returns google wants your email and contacts.
So the question is can this be controlled through the code (so for
example my web app can ask them if they wish to add their contacts
too ) ?
2) I think with what examples given on the struts I should be able to
sit down and code it as a servlet to run within tomcat..
I just wondered if this has already been done an all in one servlet
that you forward web request to - it then forwards to relevant
openid_authenticator - returns success failure - redirects back to
main site.
I have only got as far as messing around with this and not got down to
implementation of this..
My questions:
1) After messing with the demo I found it asked for more information
compared to normal openid connection
i.e. standard openid google returns 3rd party wants to use email
address
socialauth returns google wants your email and contacts.
So the question is can this be controlled through the code (so for
example my web app can ask them if they wish to add their contacts
too ) ?
2) I think with what examples given on the struts I should be able to
sit down and code it as a servlet to run within tomcat..
I just wondered if this has already been done an all in one servlet
that you forward web request to - it then forwards to relevant
openid_authenticator - returns success failure - redirects back to
main site.
Tarun
May 9, 2011, 10:16:40 AM5/9/11
to socialauth-users
Hi
1) Yes,you can control it through code. In our library you can set the
permission.
Permission object which can be Permission.AUHTHENTICATE_ONLY,
Permission.ALL, Permission.DEFAULT. But it depends from provider to
provider.
2) Yes, you can do it with servlet too. In the demo we are using two
different struts action, one for redirecting and other as a callback.
But you can do this in a same servlet and handle the callback.
Regards
Tarun
1) Yes,you can control it through code. In our library you can set the
permission.
Permission object which can be Permission.AUHTHENTICATE_ONLY,
Permission.ALL, Permission.DEFAULT. But it depends from provider to
provider.
2) Yes, you can do it with servlet too. In the demo we are using two
different struts action, one for redirecting and other as a callback.
But you can do this in a same servlet and handle the callback.
Regards
Tarun
badvad
May 9, 2011, 10:30:12 AM5/9/11
to socialauth-users
Thank you Tarun
badvad
May 9, 2011, 7:11:31 PM5/9/11
to socialauth-users
Must get to bed :)
When I try hotmail:
There's a problem with the site you are trying to share your
information with. Please try again later.
gmail:
The server could not process your request.
I have put the oauth file within the WEB-INF aswell as lib and
classes. This is a standard tomcat servlet site..
I also tried to compile from source and define a fixed static path to
the oauth file (although had problems making it load with anything) so
unsure if that would have fixed it
Just wondering if the messages returned are due to
oauth_consumer.properties
Tarun
May 10, 2011, 5:30:10 AM5/10/11
to socialauth-users
Hi
There may be a problem with your keys..
First you'll have to register your application with providers to get
the key/secret.
Use these key/secret in oauth_consumer.properties file.
Then you'll have to run your application with the same domain what you
have registered.
Read:- http://code.google.com/p/socialauth/wiki/GettingStarted
Can you please also run your application in debug log level and check
the logs and if possible then send the log details to me also.
Regards
Tarun
There may be a problem with your keys..
First you'll have to register your application with providers to get
the key/secret.
Use these key/secret in oauth_consumer.properties file.
Then you'll have to run your application with the same domain what you
have registered.
Read:- http://code.google.com/p/socialauth/wiki/GettingStarted
Can you please also run your application in debug log level and check
the logs and if possible then send the log details to me also.
Regards
Tarun
badvad
May 10, 2011, 7:15:43 AM5/10/11
to socialauth-users
Hi Tarun
At the moment I am still playing around so have 2 servlets
http://myprofessions.com/demo.htm
(I have only added keys for hotmail and google )
so not expecting rest to work
The demo redirects to OpenIdAuthentication?provider="+provider+"
Within google config:
Target URL path prefix: http://myprofessions.com/healthnbeauty/AuthSuccess
I had this on the 1st servlet and when I run the test it redirects me
to the login page(which is what I have asked it to do if no provider
is give)
so I have set it to AuthSuccess for now and unsure if AuthSuccess at
all works since when I run
Test your AuthSub registration it returns me to my site and
AuthSuccess url with a token but I see nothing (that is a seperate
issue if AuthSuccess is not returning anything)
Had a quick read of instructions on google and
http://code.google.com/apis/youtube/2.0/developers_guide_protocol_authsub.html
(http://code.google.com/apis/accounts/docs/
RegistrationForWebAppsAuto.html)
if you're making an AuthSub request, this URL must be identical to the
prefix value of the next parameter used in your authorization requests
So I presume this means I need to revert it back to
OpenIdAuthenticaion servlet... but this is how it was and it hasn't
been working
so far as debug etc I may have to run this all on another
instance..... since too much logs being dumped on my sites..
Here is something I could find from google: (so it knows of SuccessUrl
which was not part of the config on googles end last night)
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperValve
invoke
INFO: header=Location=https://www.google.com/accounts/o8/
ud?openid.ax.mode=fetch_request&openid.ax.required=country%2Cemail
%2Cfirstname%2Clanguag
e%2Clastname&openid.ax.type.country=http%3A%2F%2Faxschema.org%2Fcontact
%2Fcountry%2Fhome&openid.ax.type.email=http%3A%2F%2Faxschema.org
%2Fcontact%2Femail&ope
nid.ax.type.firstname=http%3A%2F%2Faxschema.org%2FnamePerson
%2Ffirst&openid.ax.type.language=http%3A%2F%2Faxschema.org%2Fpref
%2Flanguage&openid.ax.type.lastn
ame=http%3A%2F%2Faxschema.org%2FnamePerson
%2Flast&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth
%2F2.0%2Fidentifier_select&openid.ext2.consumer=%2Fhe
althnbeauty&openid.ext2.scope=http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds
%2F&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth
%2F2.0%2Fidentifier_select&open
id.mode=checkid_setup&openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax
%2F1.0&openid.ns.ext2=http%3A%2F%2Fspecs.openid.net%2Fextensions
%2Foauth%2F1.0&openid.ns
.max_auth_age=0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net
%2Fextensions%2Fpape%2F1.0&openid.ns=http%3A%2F%2Fspecs.openid.net
%2Fauth%2F2.0&openid.realm=%2Fh
ealthnbeauty&openid.return_to=%2Fhealthnbeauty%2FAuthSuccess
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperValve
invoke
INFO: message=null
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperV
On May 10, 10:30 am, Tarun <tar...@brickred.com> wrote:
> Hi
>
> There may be a problem with your keys..
>
> First you'll have to register your application with providers to get
> the key/secret.
> Use these key/secret in oauth_consumer.properties file.
> Then you'll have to run your application with the same domain what you
> have registered.
>
> Read:-http://code.google.com/p/socialauth/wiki/GettingStarted
At the moment I am still playing around so have 2 servlets
http://myprofessions.com/demo.htm
(I have only added keys for hotmail and google )
so not expecting rest to work
The demo redirects to OpenIdAuthentication?provider="+provider+"
Within google config:
Target URL path prefix: http://myprofessions.com/healthnbeauty/AuthSuccess
I had this on the 1st servlet and when I run the test it redirects me
to the login page(which is what I have asked it to do if no provider
is give)
so I have set it to AuthSuccess for now and unsure if AuthSuccess at
all works since when I run
Test your AuthSub registration it returns me to my site and
AuthSuccess url with a token but I see nothing (that is a seperate
issue if AuthSuccess is not returning anything)
Had a quick read of instructions on google and
http://code.google.com/apis/youtube/2.0/developers_guide_protocol_authsub.html
(http://code.google.com/apis/accounts/docs/
RegistrationForWebAppsAuto.html)
if you're making an AuthSub request, this URL must be identical to the
prefix value of the next parameter used in your authorization requests
So I presume this means I need to revert it back to
OpenIdAuthenticaion servlet... but this is how it was and it hasn't
been working
so far as debug etc I may have to run this all on another
instance..... since too much logs being dumped on my sites..
Here is something I could find from google: (so it knows of SuccessUrl
which was not part of the config on googles end last night)
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperValve
invoke
INFO: header=Location=https://www.google.com/accounts/o8/
ud?openid.ax.mode=fetch_request&openid.ax.required=country%2Cemail
%2Cfirstname%2Clanguag
e%2Clastname&openid.ax.type.country=http%3A%2F%2Faxschema.org%2Fcontact
%2Fcountry%2Fhome&openid.ax.type.email=http%3A%2F%2Faxschema.org
%2Fcontact%2Femail&ope
nid.ax.type.firstname=http%3A%2F%2Faxschema.org%2FnamePerson
%2Ffirst&openid.ax.type.language=http%3A%2F%2Faxschema.org%2Fpref
%2Flanguage&openid.ax.type.lastn
ame=http%3A%2F%2Faxschema.org%2FnamePerson
%2Flast&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth
%2F2.0%2Fidentifier_select&openid.ext2.consumer=%2Fhe
althnbeauty&openid.ext2.scope=http%3A%2F%2Fwww.google.com%2Fm8%2Ffeeds
%2F&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth
%2F2.0%2Fidentifier_select&open
id.mode=checkid_setup&openid.ns.ax=http%3A%2F%2Fopenid.net%2Fsrv%2Fax
%2F1.0&openid.ns.ext2=http%3A%2F%2Fspecs.openid.net%2Fextensions
%2Foauth%2F1.0&openid.ns
.max_auth_age=0&openid.ns.pape=http%3A%2F%2Fspecs.openid.net
%2Fextensions%2Fpape%2F1.0&openid.ns=http%3A%2F%2Fspecs.openid.net
%2Fauth%2F2.0&openid.realm=%2Fh
ealthnbeauty&openid.return_to=%2Fhealthnbeauty%2FAuthSuccess
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperValve
invoke
INFO: message=null
10-May-2011 01:05:12 org.apache.catalina.valves.RequestDumperV
On May 10, 10:30 am, Tarun <tar...@brickred.com> wrote:
> Hi
>
> There may be a problem with your keys..
>
> First you'll have to register your application with providers to get
> the key/secret.
> Use these key/secret in oauth_consumer.properties file.
> Then you'll have to run your application with the same domain what you
> have registered.
>
badvad
May 10, 2011, 1:58:25 PM5/10/11
to socialauth-users
aha found it..
I had defined a dynamic return url i.e.
String success="/path/Servlet";
it needed to be
String success="http://mydomain.com/path/Servlet";
This must be to do with the settings of OAuth Consumer Secret:
checking back with return urls actual domain
So that message from google
and the other bigger error message form hotmail was because of return
url not actually containing the domain
For (future ref) if you had not come across it as yet.
So next question if I may
I have 3 projects on this specific domain and it appears with google
it needs to path to return url scripted within it.
I guess at this point I need to point all my projects back to the one
project I decide to choose to use as the master and have a look at the
url sent to work out where to return the Success to ?
Well logic tells me yes
I had defined a dynamic return url i.e.
String success="/path/Servlet";
it needed to be
String success="http://mydomain.com/path/Servlet";
This must be to do with the settings of OAuth Consumer Secret:
checking back with return urls actual domain
So that message from google
and the other bigger error message form hotmail was because of return
url not actually containing the domain
For (future ref) if you had not come across it as yet.
So next question if I may
I have 3 projects on this specific domain and it appears with google
it needs to path to return url scripted within it.
I guess at this point I need to point all my projects back to the one
project I decide to choose to use as the master and have a look at the
url sent to work out where to return the Success to ?
Well logic tells me yes
Abhinav
May 13, 2011, 7:55:08 AM5/13/11
to socialauth-users
Hi Vahid,
Can you please explain in more detail what how you want it to work? If
I understand correctly, then you have three projects that require
OpenID and it seems it would be easier for you to have the code for
redirection and handling success in each of the projects. If you are
trying to develop a single service that would handle OpenID for all
the projects - one way could be to pass a parameter (or just use the
ref URL) to mention the project whoch requested the OpenID
authentication and then the single service can redirect based on that
parameter after success. Please note that additional parameters if
sent to OpenID authentication are returned back too.
Please feel free to contact us if I did not understand the questions
correctly.
Warm regards,
Abhinav
Can you please explain in more detail what how you want it to work? If
I understand correctly, then you have three projects that require
OpenID and it seems it would be easier for you to have the code for
redirection and handling success in each of the projects. If you are
trying to develop a single service that would handle OpenID for all
the projects - one way could be to pass a parameter (or just use the
ref URL) to mention the project whoch requested the OpenID
authentication and then the single service can redirect based on that
parameter after success. Please note that additional parameters if
sent to OpenID authentication are returned back too.
Please feel free to contact us if I did not understand the questions
correctly.
Warm regards,
Abhinav
badvad
May 13, 2011, 10:37:02 AM5/13/11
to socialauth-users
I have answered this in a few posts on
It was my own misunderstanding of the google Auth url the top line it
requires which states define return url
Since this was hardcoded to one context I was wondering what I would
do with the other contexts
But since actually rolling out the code to all the contexts it appears
that url on google is ignored and it calls back the success url within
local OpenAuth which would be bound to each unique context
This is not an issue at all (it was me getting in a mess) before I had
even implemented it
It was my own misunderstanding of the google Auth url the top line it
requires which states define return url
Since this was hardcoded to one context I was wondering what I would
do with the other contexts
But since actually rolling out the code to all the contexts it appears
that url on google is ignored and it calls back the success url within
local OpenAuth which would be bound to each unique context
This is not an issue at all (it was me getting in a mess) before I had
even implemented it
mungara rajesh
Mar 2, 2015, 10:08:01 AM3/2/15
to socialau...@googlegroups.com
Hi badvad,
I am trying to run this on my localhost and did all the things as specified in socialauth examples.
I am still not able to resolve this exception.
org.brickred.socialauth.exception.SocialAuthException: Key in Request Token is null or blank
When I click the gmail icon, the authentication is being successful, but the request is blank where in I cannot find any parameters which are required to connect to get the provider.
I have implemented this project in Spring.
Please help on this.
Reply all
Reply to author
Forward
0 new messages