OAuth for Login


OAuth 2.0 is widely used for “login” feature. Skinny Framework provides some modules for that.

Skinny’s OAuth 2.0 modules uses Apache Oltu internally.

https://oltu.apache.org/


OAuth 2.0 (Facebook, GitHub, Google and so on)


skinny-oauth2-controller contains Facebook, GitHub and Google login features.

Add the following dependency in your project/Build.scala.

libraryDependencies += "org.skinny-framework" %% "skinny-oauth2-controller" % "2.3.5"

Facebook

Facebook login API is mostly compatible with OAuth 2.0. See the official documentation here:

https://developers.facebook.com/docs/facebook-login/

Facebook

package controller

import skinny.controller.feature.FacebookLoginFeature
import skinny.oauth2.client.facebook.FacebookUser

class FBAuthController extends ApplicationController with FacebookLoginFeature {
  // these env variables are expected by default
  // SKINNY_OAUTH2_CLIENT_ID_FACEBOOK
  // SKINNY_OAUTH2_CLIENT_SECRET_FACEBOOK

  override def redirectURI = "http://localhost:8080/auth/facebook/callback"

  override protected def saveAuthorizedUser(fbUser: FacebookUser): Unit = {
    val user = User.findById(fbUser.id).getOrElse { 
      User.create(fbUser)
    }
    session.setAttribute("currentUser", user)
  }

  override protected def handleWhenLoginFailed(): Any = {
    flash("warn") = "Login failed. Please try again."
    redirect302("/auth")
  }

  override protected def handleWhenLoginSucceeded(): Any = {
    flash("info") = "You have successfully registered and logged in."
    redirect302("/")
  }
}

object Controllers {
  object fbAuth extends FBAuthController with Routes {
    val facebookLoginUrl = post("/auth/facebook")(loginRedirect).as('facebookLogin)
    val facebookLoginCallbackUrl = get("/auth/facebook/callback")(callback).as('facebookLogin)
  }
}

If you’d like to integrate this login feature with SkinnySession, append the following traits.

import skinny.controller.feature.SkinnySessionOAuth2LoginFeature

class FBAuthController extends ApplicationController with FacebookLoginFeature 
  // skinny.filter.SkinnySessionFilter is also required in ApplicationController
  with SkinnySessionOAuth2LoginFeature[FacebookUser] {

}

GitHub

Almost same :) Your developer applications provide OAuth 2.0 authorization. Register new application here.

https://github.com/settings/applications

GitHub

import skinny.controller.feature.GitHubLoginFeature
import skinny.oauth2.client.github.GitHubUser

class SessionsController extends ApplicationController with GitHubLoginFeature {
  // these env variables are expected by default
  // SKINNY_OAUTH2_CLIENT_ID_GITHUB
  // SKINNY_OAUTH2_CLIENT_SECRET_GITHUB

  override protected def saveAuthorizedUser(ghUser: GitHubUser): Unit = { .. }

}

Google

Google API supports OAuth 2.0 authorization. Create your API project and gerenate credentials here.

Google

https://console.developers.google.com/

import skinny.controller.feature.GoogleLoginFeature
import skinny.oauth2.client.google.GoogleUser

class SessionsController extends ApplicationController with GoogleLoginFeature {

  // these env variables are expected by default
  // SKINNY_OAUTH2_CLIENT_ID_GOOGLE
  // SKINNY_OAUTH2_CLIENT_SECRET_GOOGLE

  override protected def saveAuthorizedUser(gUser: GoogleUser): Unit = { .. }

}

Dropbox

https://www.dropbox.com/developers/core/docs#oa2-authorize

Dropbox

As same as above examples, these env variables are expected by default.

class SessionsController extends ApplicationController with DropboxLoginFeature {
  override protected def saveAuthorizedUser(dropboxUser: DropboxUser): Unit = { .. }
}

Typetalk from Nulab

Typetalk

As same as above examples, these env variables are expected by default.

class SessionsController extends ApplicationController with TypetalkLoginFeature {
  override protected def saveAuthorizedUser(typetalkUser: TypetalkUser): Unit = { .. }
}

Backlog from Nulab

Backlog

As same as above examples, these env variables are expected by default.

Specify your own space id as spaceID in the controller.

class SessionsController extends ApplicationController with BacklogLoginFeature {
  override def spaceID = "subdomain name"
  override protected def saveAuthorizedUser(backlogUser: BacklogUser): Unit = { .. }
}

Although it’s a little bit confusing, OAuth2 support for Japanese customers are separated. Add “JP” suffix for all the configuarations.

These env variables are expected by default.

class SessionsController extends ApplicationController with BacklogJPLoginFeature {
  override def spaceID = "subdomain name"
  // BacklogUser model is the same
  override protected def saveAuthorizedUser(backlogUser: BacklogUser): Unit = { .. }
}

Twitter OAuth 1.0a for Login


https://dev.twitter.com/docs/auth/oauth

Twitter

Your applications are here. Since you cannot register localhost app, edit /etc/hosts for debugging.

https://apps.twitter.com/

skinny-twitter-controller provides you Twitter login (OAuth 1.0a authorization) and prepared twitter4j.Twitter in controllers.

http://twitter4j.org/en/index.html


Add the following dependency in your project/Build.scala.

libraryDependencies += "org.skinny-framework" %% "skinny-twitter-controller" % skinnyVersion

And just use TwitterLoginFeature trait.

import skinny.controller.feature.TwitterLoginFeature

class SessionsController extends ApplicationController with TwitterLoginFeature {
  // these env variables are expected by default
  // SKINNY_OAUTH1_CONSUMER_KEY_TWITTER
  // SKINNY_OAUTH1_CONSUMER_SECRET_TWITTER

  // Twitter API doesn't allow localhost app, edit /etc/hosts
  override def isLocalDebug = true

  override protected def saveAuthorizedUser(twUser: twitter4j.User): Unit = { .. }
If you find a typo or mistake in this page, please report or fix it. How?