OAuth Popup add-on contains buttons that open an OAuth popup dialog where the user can authorize the Vaadin application to do things on the user's behalf on various services such as Facebook, Twitter, etc.
There's a fork of this addon by Bryson Dunn, with updated Scribe and other improvements:
https://github.com/bdunn44/vaadin-oauthpopup
^ Use that instead.
Available as an add-on in Vaadin Directory.
This add-on is similar to the OAuth Buttons add-on, except that this one:
- requires Vaadin 7.1+
- opens the OAuth dialog in a separate browser window, keeping the application window open
- doesn't have helper user classes for login; this one simply returns an OAuth access token and it's up to the application to do something with it
Since the OAuth dialog is opened in a separate window, the application should enable server push. Otherwise the actual application UI will not be updated when the OAuth window is done, because without push the client of the application UI doesn't know that something has changed.
This add-on uses the Scribe library for OAuth.
The OAuthPopupButton can be used by simply giving a Scribe API and API key+secret to its constructor, or by extending it.
A couple of subclasses are already available in the package org.vaadin.addon.oauthpopup.buttons.
NOTE: I'm not sure if the add-on currently works with all the Scribe APIs, probably not...
To use OAuth, you must first create an application for the service in question. Give the application's key and secret to the constructor of OAuthPopupButton (or of its subclass such as TwitterButton). For example, Twitter applications can be created here.
OAuthPopupButton ob = new TwitterButton(TW_KEY, TW_SECRET);
ob.addOAuthListener(new OAuthListener() {
    @Override
    public void authSuccessful(String accessToken, String accessTokenSecret) {
        Notification.show("Authorized");
        // TODO: do something with the access token
    }

    @Override
    public void authDenied(String reason) {
        Notification.show("Authorization denied");
    }
});
layout.addComponent(ob);
For some services it's possible to set the scope of OAuth authorization. The format of the scope is service-dependent, often a comma-separated list of names.
ob.setScope("email");
By default, the OAuth window is opened in a new tab in most browsers. You can control that by setting the window features that are passed to the BrowserWindowOpener of the button.
ob.setPopupWindowFeatures("resizable,width=400,height=300");
If you would like to use some component other than a button to open the popup window, you can extend any component with an OAuthPopupOpener.
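As an added example (not code from the add-on or its demo), here is a UI that combines the points above: server push enabled with @Push, the listener updating the UI through UI.access(), and the access token kept server-side in the Vaadin session. It assumes Java 8 lambdas and that OAuthListener and OAuthPopupButton live in org.vaadin.addon.oauthpopup; the class name TokenDemoUI, the TW_KEY/TW_SECRET environment variables and the session attribute names are hypothetical.

```java
import com.vaadin.annotations.Push;
import com.vaadin.server.VaadinRequest;
import com.vaadin.ui.Label;
import com.vaadin.ui.UI;
import com.vaadin.ui.VerticalLayout;
import org.vaadin.addon.oauthpopup.OAuthListener;    // package assumed
import org.vaadin.addon.oauthpopup.OAuthPopupButton; // package assumed
import org.vaadin.addon.oauthpopup.buttons.TwitterButton;

@Push // server push: lets this UI update when the popup window finishes
public class TokenDemoUI extends UI { // hypothetical class name

    // Hypothetical session attribute names used by this example.
    static final String ATTR_TOKEN = "example.oauth.accessToken";
    static final String ATTR_SECRET = "example.oauth.accessTokenSecret";

    @Override
    protected void init(VaadinRequest request) {
        final UI ui = this;
        final Label status = new Label("Not authorized");

        // Read the key and secret from the environment instead of
        // hard-coding them (variable names are assumptions).
        OAuthPopupButton ob = new TwitterButton(
                System.getenv("TW_KEY"), System.getenv("TW_SECRET"));

        ob.addOAuthListener(new OAuthListener() {
            @Override
            public void authSuccessful(String accessToken, String accessTokenSecret) {
                // The listener may run outside this UI's own request, so
                // touch the UI and session only inside access().
                ui.access(() -> {
                    // Keep the token server-side; do not display or log it.
                    ui.getSession().setAttribute(ATTR_TOKEN, accessToken);
                    ui.getSession().setAttribute(ATTR_SECRET, accessTokenSecret);
                    status.setValue("Authorized");
                });
            }

            @Override
            public void authDenied(String reason) {
                // Show a fixed message rather than the provider-supplied reason.
                ui.access(() -> status.setValue("Authorization denied"));
            }
        });
        setContent(new VerticalLayout(ob, status));
    }
}
```

Code that later calls the service can read the token back from the session with getSession().getAttribute(ATTR_TOKEN), so it never has to travel to the browser.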
This component has no public roadmap or any guarantees of upcoming releases.
Feedback is welcome. Comment on Directory, add an issue on GitHub, or mail me.
Contributions are appreciated as well. Process for contributing is the following:
- Fork this project
- Create an issue to this project about the contribution (bug or feature) if there is no such issue about it already. Try to keep the scope minimal.
- Develop and test the fix or functionality
- Refer to the fixed issue in commit
- Send a pull request for the original project
- Comment on the original issue that you have implemented a fix for it
To get, compile and run the project:
git clone https://github.com/ahn/vaadin-oauthpopup.git
cd vaadin-oauthpopup
mvn clean install
cd oauthpopup-demo
mvn jetty:run
To see the demo, navigate to http://localhost:8080/
To create an add-on package that can be uploaded to Vaadin Directory:
cd oauthpopup
mvn clean package assembly:single
The basic flow goes as follows:
- OAuthPopupButton extends itself with OAuthPopupOpener
- When OAuthPopupOpener is attached, it
  - stores an OAuthData instance as a session attribute, for other windows to read
- When the button is clicked, the opener opens an OAuthPopupUI in a new window
- The OAuthPopupUI
  - reads the OAuthData from the session attribute
  - adds a new OAuthCallbackRequestHandler to the current session
  - redirects the user to the OAuth authorization URL
- When the user returns from the authorization URL to our callback URL:
  - the OAuthCallbackRequestHandler is no longer needed, and is removed from the session
  - the OAuthListeners are called, either authSuccessful or authDenied
- When the OAuthPopupOpener is detached, it clears the session attribute where the OAuthData was
Add-on is distributed under Apache License 2.0. For license terms, see LICENSE.txt.