IMPORTANT: The plugin is still in develop and maybe cause unexpected behaviors
This plugin adds a simple user authentication layer to your application. It depends on Scribe for the oauth process.
Add the library dependency and the repository resolver to the build.sbt:
libraryDependencies += "com.ssachtleben" %% "play-auth-plugin" % "3.5-SNAPSHOT"
resolvers += Resolver.url("ssachtleben repository (snapshots)", url("http://ssachtleben.github.io/play-plugins/repository/snapshots/"))(Resolver.ivyStylePatterns)
The auth and event plugins have to be added in the conf/play.plugins:
1300:com.ssachtleben.play.plugin.event.EventPlugin
1400:com.ssachtleben.play.plugin.auth.AuthPlugin
The following auth providers are supported:
| Name | Type | Configuration Key |
|---|---|---|
| OAuth2 | ||
| OAuth2 | ||
| OAuth2 | ||
| OAuth1 | ||
| Yahoo | OAuth1 | yahoo |
Each provider needs to be configurated in the application.conf:
| Name | Description |
|---|---|
| key | The application id |
| secret | The appication secret |
| scope | The oauth scope |
| fields | Name of the fields which will be provided in a json data object |
| callback | The callback url |
| success | The success url |
| error | The error url |
This is an example configuration for facebook:
auth.facebook.key="123456789"
auth.facebook.secret="123456789123456789"
auth.facebook.scope="email,publish_actions"
auth.facebook.fields="id,name,email,first_name,picture"
auth.facebook.callback="http://localhost:9000/login/facebook/auth"
auth.facebook.success="http://localhost:9000/login/facebook/success"
auth.facebook.error="http://localhost:9000/login/facebook/error"
All providers with a valid configuration are active by default. If a provider is not working as excepted change the log level in the application.conf and check the log files for warnings:
logger.com.ssachtleben.play.plugin.auth.Providers=WARN
It's possible to execute custom code during the authentication process. There are multiple events which can be observed.
Here is a list with all authentication events:
| Name | Description | Parameter |
|---|---|---|
| AuthEvents.AUTHENTICATION_BEFORE | This event will be fired before the auth process starts. | play.mvc.Http.Context ctx, String providerKey |
| AuthEvents.AUTHENTICATION_AFTER | This event will be fired after the auth process. | play.mvc.Http.Context ctx, String providerKey |
| AuthEvents.AUTHENTICATION_ERROR | This event will be fired if the user can't properly authenticate. | play.mvc.Http.Context ctx, String providerKey |
| AuthEvents.AUTHENTICATION_SUCCESS | This event will be executed on a sucessful auth. | play.mvc.Http.Context ctx, Object user, String providerKey |
All events will be executed syncron by default which means if you want to execute time consuming operations in the observer methods you should schedule a async task with Akka.
It's also possible to change all events to async via application.conf:
auth.events.async = true
The auth plugin depends on the event plugin which is used to trigger them. It's very easy to observe them. Here is an example:
@Observer(topic = AuthEvents.AUTHENTICATION_SUCCESSFUL)
public static void handleAuthenticationSuccess(final Context ctx, final Object user, final String provider) {
log.info(String.format("Authentication success event [provider=%s, user=%s]", provider, user));
}
The @LoggedIn annotation allows only http request for logged in users:
@LoggedIn
public class Application extends Controller {
...
}