Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Adds OAuth-based authentication to the Spring Security plugin
Groovy Shell
branch: master

This branch is 107 commits ahead, 3 commits behind cazacugmihai:master

Failed to load latest commit information.
grails-app try to fix automatic release
scripts fix default configuration
src
test add CodeNarc checks
testapps/s2oauth upgrade to Grails 2.4 RC2 and SSC 2.0 RC3
wrapper upgrade Grails to 2.4.4
.gitignore add testapps
.travis.yml test Travis CI publishing
README.md use grailsw in example
SpringSecurityOauthGrailsPlugin.groovy back to snapshot and remove loadafter
application.properties upgrade Grails to 2.5.0
grailsw upgrade Grails to 2.4.4
grailsw.bat upgrade Grails to 2.4.4
testapps.config.groovy upgrade to Grails 2.4 RC2 and SSC 2.0 RC3
travis-build.sh reintroduce Codenarc using @SuppressWarnings

README.md

grails-spring-security-oauth

Build Status

Adds OAuth-based authentication to the Spring Security plugin using the OAuth plugin.

This plugin provides an OAuth realm that can easily be integrated into existing applications and a host of utility functions to make things like "log in with Twitter" almost trivial.

This README refers to the code currently in the master branch, maybe not yet released.

Please, see Grails plugin portal for instructions about the actual released version.

Changelog

2.1 (not yet released)

Controller and view are not anymore created in the app but are available as plugin artefacts.

View has a configurable layout via grails.plugin.springsecurity.oauth.layout configuration key.

2.0.2

Version provider's service and token are moved into separate plugin, example:

':spring-security-oauth-google:0.1'

Installation

To install the last version of the plugin you need to add custom repositories to your BuildConfig.groovy:

    mavenRepo "https://raw.github.com/fernandezpablo85/scribe-java/mvn-repo"
    mavenRepo "http://repo.spring.io/milestone/"

In BuildConfig.groovy, add the dependency to "plugins" section:

    plugins {
        //...
        compile ':spring-security-oauth:2.1.0-SNAPSHOT'

        // and also you need add at least one of extensions:
        compile ':spring-security-oauth-facebook:0.1'
        compile ':spring-security-oauth-google:0.1'
        compile ':spring-security-oauth-linkedin:0.1'
        compile ':spring-security-oauth-twitter:0.1'
        compile ':spring-security-oauth-yahoo:0.1'
        //...
    }

Change the version to reflect the actual version you would like to use.

Usage

Install the plugin as described above by adding a dependency in BuildConfig.groovy. Then follow Spring Security Core and OAuth plugins documentation.

Sample configuration for Spring Security Core request mapping:

grails.plugin.springsecurity.securityConfigType = "InterceptUrlMap"
grails.plugin.springsecurity.interceptUrlMap = [
    '/':                ['permitAll'],
    '/index':           ['permitAll'],
    '/index.gsp':       ['permitAll'],
    '/**/js/**':        ['permitAll'],
    '/**/css/**':       ['permitAll'],
    '/**/images/**':    ['permitAll'],
    '/**/favicon.ico':  ['permitAll'],
    '/login/**':        ['permitAll'],
    '/logout/**':       ['permitAll'],
    '/oauth/**':        ['permitAll']
]

Sample configuration for OAuth plugin (each provider needs the proper spring-security-oauth-* plugin):

def appName = grails.util.Metadata.current.'app.name'
def baseURL = grails.serverURL ?: "http://localhost:${System.getProperty('server.port', '8080')}/${appName}"
oauth {
    debug = true
    providers {
        facebook {
            api = org.scribe.builder.api.FacebookApi
            key = 'oauth_facebook_key'
            secret = 'oauth_facebook_secret'
            successUri = '/oauth/facebook/success'
            failureUri = '/oauth/facebook/failure'
            callback = "${baseURL}/oauth/facebook/callback"
        }
        twitter {
            api = org.scribe.builder.api.TwitterApi
            key = 'oauth_twitter_key'
            secret = 'oauth_twitter_secret'
            successUri = '/oauth/twitter/success'
            failureUri = '/oauth/twitter/failure'
            callback = "${baseURL}/oauth/twitter/callback"
        }
        linkedin {
            api = org.scribe.builder.api.LinkedInApi
            key = 'oauth_linkedin_key'
            secret = 'oauth_linkedin_secret'
            successUri = '/oauth/linkedin/success'
            failureUri = '/oauth/linkedin/failure'
            callback = "${baseURL}/oauth/linkedin/callback"
        }

        // for Google OAuth 1.0 DEPRECATED
        google {
            api = org.scribe.builder.api.GoogleApi
            key = 'oauth_google_key'
            secret = 'oauth_google_secret'
            successUri = '/oauth/google/success'
            failureUri = '/oauth/google/failure'
            callback = "${baseURL}/oauth/google/callback"
            scope = 'https://www.googleapis.com/auth/userinfo.email'
        }

        // for Google OAuth 2.0
        google {
            api = org.grails.plugin.springsecurity.oauth.GoogleApi20
            key = 'oauth_google_key'
            secret = 'oauth_google_secret'
            successUri = '/oauth/google/success'
            failureUri = '/oauth/google/failure'
            callback = "${baseURL}/oauth/google/callback"
            scope = 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email'
        }
    }
}

Other configuration keys you can use, are (with their default values):

grails.plugin.springsecurity.oauth.active = true
grails.plugin.springsecurity.oauth.domainClass = 'OAuthID'
grails.plugin.springsecurity.oauth.userLookup.oAuthIdsPropertyName = 'oAuthIDs'
grails.plugin.springsecurity.oauth.registration.askToLinkOrCreateAccountUri = '/oauth/askToLinkOrCreateAccount'
grails.plugin.springsecurity.oauth.registration.roleNames = ['ROLE_USER']

Once you have an user domain and configured provider names, go with:

grails s2-init-oauth [domain-class-package] [oauthid-class-name]

Example:

grails s2-init-oauth com.yourapp OAuthID

that creates the domain class com.yourapp.OAuthID

Finally, add:

static hasMany = [oAuthIDs: OAuthID]

to you user domain class.

In your view you can use the taglib exposed from this plugin and from OAuth plugin to create links and to know if the user is authenticated with a given provider:

<oauth:connect provider="twitter" id="twitter-connect-link">Twitter</oauth:connect>
<oauth:connect provider="facebook" id="facebook-connect-link">Facebook</oauth:connect>
<oauth:connect provider="google" id="google-connect-link">Google</oauth:connect>
<oauth:connect provider="linkedin" id="linkedin-connect-link">Linkedin</oauth:connect>
<oauth:connect provider="yahoo" id="yahoo-connect-link">Yahoo</oauth:connect>
Logged with facebook? <s2o:ifLoggedInWith provider="facebook">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="facebook">no</s2o:ifNotLoggedInWith>
Logged with twitter? <s2o:ifLoggedInWith provider="twitter">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="twitter">no</s2o:ifNotLoggedInWith>
Logged with google? <s2o:ifLoggedInWith provider="google">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="google">no</s2o:ifNotLoggedInWith>
Logged with linkedin? <s2o:ifLoggedInWith provider="linkedin">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="linkedin">no</s2o:ifNotLoggedInWith>
Logged with yahoo? <s2o:ifLoggedInWith provider="yahoo">yes</s2o:ifLoggedInWith><s2o:ifNotLoggedInWith provider="yahoo">no</s2o:ifNotLoggedInWith>

Extensions

List of known extensions:

Development

To try out before release use the create-testapps script:

Create a file testapps/s2oauth/testapps-config.groovy (ignored from Git) with your external providers valid credentials

oauth {
    providers {
        facebook {
            key = '...'
            secret = '...'
        }
        twitter {
            key = '...'
            secret = '...'
        }
        linkedin {
            key = '...'
            secret = '...'
        }
        google {
            key = '...'
            secret = '...'
        }
    }
}

Run ./grailsw compile && ./grailsw create-testapps.

That's it!

Something went wrong with that request. Please try again.