Using play2-auth application as oauth
marius-carp opened this issue · comments
Hi I have some questions. I am trying to use my application like an oauth provider, for example I want to authenticate with myApplication to play2AuthApplication (making a POST call), what should I do to respond to myApplication with a valid PLAY2AUTH_SESS_ID (if I understood well, this is the session_id that play2-auth needs to authorize users).
Is possible to user header instead of cookie?
Is PLAY2AUTH_SESS_ID enough to access a secured action like authorizedAction(parse.json, NormalUser) from myApplication?
I'll later need to make other calls to play2AuthApplication from myApplication.
I,m using play2-auth version 0.12.0, and Redis as cache.
Thank you.
Hi
play2-auth 0.12.0 can not use header instead of cookie.
However play2-auth 0.13.2 can do it 😄
play2-auth 0.13.2 intoroduce TokenAccessor.
You can create a custom TokenAccessor and override tokenAccessor
in AuthConfigImpl
.
default implementation is CookieTokenAccesor
There is HTTP basic authorization example here
best regard,
Thanks, works great!
Though, I have another question. I moved from 0.12.0 to 0.13.2. and it says that "object authorizedAction in trait AsyncAuth is deprecated: AuthActionBuilder#AuthorizationAction should be preferred". I tried to find a substitute for this Action, couldn't find one that takes a BodyParser and an Authority.
I'm using authorizedAction, like this:
def updateUser = authorizedAction(parse.json, Admin){ auth: AuthEntity => implicit rs =>
rs.body.validate[UpdateAccount].map {
case c: UpdateAccount =>
//code
}.recoverTotal {
e =>
BadRequest("Detected error" + JsError.toFlatJson(e))
}
}
Thank you for your time!
AuthActionBuilder#AuthorizationAction
takes Authority
and returns an ActionBuilder
So you can write as follows
def updateUser = AuthorizationAction(Admin)(parse.json){ implicit rs =>
rs.body.validate[UpdateAccount].map {
case c: UpdateAccount =>
//code
}.recoverTotal {
e =>
BadRequest("Detected error" + JsError.toFlatJson(e))
}
}
Thanks, this is perfect!