Grails 3: https://github.com/enr/s2oauth
Adds OAuth-based authentication to the Spring Security plugin using the OAuth plugin.
This plugin provides an OAuth realm that can easily be integrated into existing applications and a host of utility functions to make things like "log in with Twitter" almost trivial.
This README refers to the code currently in the master branch, maybe not yet released.
Please, see Grails plugin portal for instructions about the actual released version.
2.1 (not yet released)
Controller and view are not anymore created in the app but are available as plugin artefacts.
View has a configurable layout via grails.plugin.springsecurity.oauth.layout
configuration key.
2.0.2
Version provider's service and token are moved into separate plugin, example:
':spring-security-oauth-google:0.1'
To install the last version of the plugin you need to add custom repositories to your BuildConfig.groovy
:
mavenRepo "https://raw.github.com/fernandezpablo85/scribe-java/mvn-repo"
mavenRepo "http://repo.spring.io/milestone/"
In BuildConfig.groovy
, add the dependency to "plugins" section:
plugins {
//...
compile ':spring-security-oauth:2.1.0-SNAPSHOT'
// and also you need add at least one of extensions:
compile ':spring-security-oauth-facebook:0.1'
compile ':spring-security-oauth-google:0.1'
compile ':spring-security-oauth-linkedin:0.1'
compile ':spring-security-oauth-twitter:0.1'
compile ':spring-security-oauth-yahoo:0.1'
//...
}
Change the version to reflect the actual version you would like to use.
Install the plugin as described above by adding a dependency in BuildConfig.groovy. Then follow Spring Security Core and OAuth plugins documentation.
Sample configuration for Spring Security Core request mapping:
grails.plugin.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugin.springsecurity.interceptUrlMap = [
'/': ['permitAll'],
'/index': ['permitAll'],
'/index.gsp': ['permitAll'],
'/**/js/**': ['permitAll'],
'/**/css/**': ['permitAll'],
'/**/images/**': ['permitAll'],
'/**/favicon.ico': ['permitAll'],
'/login/**': ['permitAll'],
'/logout/**': ['permitAll'],
'/oauth/**': ['permitAll']
]
Sample configuration for OAuth plugin (each provider needs the proper spring-security-oauth-* plugin):
def appName = grails.util.Metadata.current.'app.name'
def baseURL = grails.serverURL ?: "http://localhost:${System.getProperty('server.port', '8080')}/${appName}"
oauth {
debug = true
providers {
facebook {
api = org.scribe.builder.api.FacebookApi
key = 'oauth_facebook_key'
secret = 'oauth_facebook_secret'
successUri = '/oauth/facebook/success'
failureUri = '/oauth/facebook/failure'
callback = "${baseURL}/oauth/facebook/callback"
}
twitter {
api = org.scribe.builder.api.TwitterApi
key = 'oauth_twitter_key'
secret = 'oauth_twitter_secret'
successUri = '/oauth/twitter/success'
failureUri = '/oauth/twitter/failure'
callback = "${baseURL}/oauth/twitter/callback"
}
linkedin {
api = org.scribe.builder.api.LinkedInApi
key = 'oauth_linkedin_key'
secret = 'oauth_linkedin_secret'
successUri = '/oauth/linkedin/success'
failureUri = '/oauth/linkedin/failure'
callback = "${baseURL}/oauth/linkedin/callback"
}
// for Google OAuth 1.0 DEPRECATED
google {
api = org.scribe.builder.api.GoogleApi
key = 'oauth_google_key'
secret = 'oauth_google_secret'
successUri = '/oauth/google/success'
failureUri = '/oauth/google/failure'
callback = "${baseURL}/oauth/google/callback"
scope = 'https://www.googleapis.com/auth/userinfo.email'
}
// for Google OAuth 2.0
google {
api = org.grails.plugin.springsecurity.oauth.GoogleApi20
key = 'oauth_google_key'
secret = 'oauth_google_secret'
successUri = '/oauth/google/success'
failureUri = '/oauth/google/failure'
callback = "${baseURL}/oauth/google/callback"
scope = 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email'
}
}
}
Other configuration keys you can use, are (with their default values):
grails.plugin.springsecurity.oauth.active = true
grails.plugin.springsecurity.oauth.domainClass = 'OAuthID'
grails.plugin.springsecurity.oauth.userLookup.oAuthIdsPropertyName = 'oAuthIDs'
grails.plugin.springsecurity.oauth.registration.askToLinkOrCreateAccountUri = '/oauth/askToLinkOrCreateAccount'
grails.plugin.springsecurity.oauth.registration.roleNames = ['ROLE_USER']
Once you have an user domain and configured provider names, go with:
grails s2-init-oauth [domain-class-package] [oauthid-class-name]
Example:
grails s2-init-oauth com.yourapp OAuthID
that creates the domain class com.yourapp.OAuthID
Finally, add:
static hasMany = [oAuthIDs: OAuthID]
to you user domain class.
In your view you can use the taglib exposed from this plugin and from OAuth plugin to create links and to know if the user is authenticated with a given provider:
<oauth:connect provider="twitter" id="twitter-connect-link">Twitter</oauth:connect>
<oauth:connect provider="facebook" id="facebook-connect-link">Facebook</oauth:connect>
<oauth:connect provider="google" id="google-connect-link">Google</oauth:connect>
<oauth:connect provider="linkedin" id="linkedin-connect-link">Linkedin</oauth:connect>
<oauth:connect provider="yahoo" id="yahoo-connect-link">Yahoo</oauth:connect>
Logged with facebook? <s2o:ifLoggedInWith provider="facebook">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="facebook">no</s2o:ifNotLoggedInWith>
Logged with twitter? <s2o:ifLoggedInWith provider="twitter">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="twitter">no</s2o:ifNotLoggedInWith>
Logged with google? <s2o:ifLoggedInWith provider="google">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="google">no</s2o:ifNotLoggedInWith>
Logged with linkedin? <s2o:ifLoggedInWith provider="linkedin">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="linkedin">no</s2o:ifNotLoggedInWith>
Logged with yahoo? <s2o:ifLoggedInWith provider="yahoo">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="yahoo">no</s2o:ifNotLoggedInWith>
List of known extensions:
To try out before release use the create-testapps
script:
Create a file testapps/s2oauth/testapps-config.groovy
(ignored from Git) with your external providers valid credentials
oauth {
providers {
facebook {
key = '...'
secret = '...'
}
twitter {
key = '...'
secret = '...'
}
linkedin {
key = '...'
secret = '...'
}
google {
key = '...'
secret = '...'
}
}
}
Run ./grailsw compile && ./grailsw create-testapps
.
That's it!