user1659653

Reputation: 334

Secure Social connect provider

I'm new to the Play framework, and therefore new to SecureSocial. I have to implement Google authentication within a project, but I don't know exactly how I am supposed to connect with Gmail. What I have is an Account class that extends Identity, like this:

    case class Account(
      identityId: IdentityId,
      firstName: String,
      lastName: String,
      fullName: String,
      email: Option[String],
      avatarUrl: Option[String],
      authMethod: AuthenticationMethod,
      oAuth1Info: Option[OAuth1Info] = None,
      oAuth2Info: Option[OAuth2Info] = None,
      passwordInfo: Option[PasswordInfo] = None
    ) extends Identity

Then I create a collection of Accounts, iterate them and identify the provider the user wants to connect.

    for (account <- accounts) {
      if (account.identityId.providerId == service) {
        // Sends account info to securesocial module
        success = true
      }
    }

How am I supposed to call the secure social API in order to connect to the service, in this case Gmail?

Upvotes: 0

Views: 303

Answers (2)

Jorge

Reputation: 1403

You don't have to connect to Google yourself. SecureSocial handles all the authentication flow for you. What you need is:

1) Add a link to Google so the user clicks there and starts the authentication flow.
2) Implement a UserService so SecureSocial can save users in your DB.
3) Register the Google plugin in the play.plugins file.
4) Protect your actions using SecuredAction instead of Play's built-in Action.

SecuredAction intercepts the requests and redirects the user to the login page if he is not authenticated.

Check the sample apps that come with the module, they provide a basic skeleton you can use and extend to build your app.

Upvotes: 1

flavian

Reputation: 28511

  1. Provide the user with an interface to select.
  2. Register your app with Google API Console. Create 2 IDs, one for test and one for prod.
  3. Create a button with a redirect to Google servers.

The URL looks something like this:

https://accounts.google.com/o/oauth2/auth?response_type=code&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&client_id=your_client_id&redirect_uri=your_redirect_uri

  4. After being redirected to the above link, the user gives the app permission to access the Google account.
  5. And Google redirects the user to your website, but it includes a code token.

You need 3 main methods:

    case class GoogleTokenResponse(
      access_token: String,
      token_type: String,
      expires_in: String,
      id_token: String
    )

    def getAccessToken: GoogleTokenResponse
    // This is an HTTP request to https://accounts.google.com:443?code=the_code_param

    def getUserData: HttpResponse
    // This will get the user data from www.googleapis.com.
    // It needs the OAuth2 access_token obtained above.
    val req = url("https://www.googleapis.com") / "oauth2" / "v2" / "userinfo" <<? ("alt" -> "json") <<?
      Map(OAuthParams.access_token -> token.access_token) // This is a databinder dispatch call.

    // This is what a Google profile response looks like.
    case class GoogleUserResponse(
      id: String,
      name: String,
      given_name: String,
      family_name: String,
      verified_email: Boolean,
      email: String,
      locale: Option[String],
      link: Option[String],
      hd: Option[String]
    )

Now you have a response, map it to your own custom user implementation.

The last stage is:

  • If the user already exists (store the GoogleID of the user and search by it, DO NOT USE EMAIL for this purpose)

  • If the user doesn't exist, add them, ask for additional details, etc.

  • In both scenarios, authenticate the user by creating a session for them.

Upvotes: 1
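
The redirect and lookup steps from the answer above, as an added example (not code from either answer or from SecureSocial): it builds the same authorization URL with an OAuth2 `state` value that the answer's URL does not carry, checks that value when Google redirects back, and finds users by Google ID rather than email. `GoogleLoginSketch`, `LocalUser`, the in-memory map and the callback URL are hypothetical names chosen for the illustration.

```scala
import java.net.URLEncoder
import java.nio.charset.StandardCharsets.UTF_8
import java.security.{MessageDigest, SecureRandom}
import java.util.Base64
import scala.collection.mutable

object GoogleLoginSketch {
  private val rng = new SecureRandom()
  private def enc(s: String): String = URLEncoder.encode(s, "UTF-8")

  // Random per-login value; store it in the user's session before redirecting.
  def newState(): String = {
    val bytes = new Array[Byte](32)
    rng.nextBytes(bytes)
    Base64.getUrlEncoder().withoutPadding().encodeToString(bytes)
  }

  // Same endpoint and scopes as the URL in the answer, plus `state`.
  def authorizationUrl(clientId: String, redirectUri: String, state: String): String = {
    val params = Seq(
      "response_type" -> "code",
      "scope" -> "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email",
      "client_id" -> clientId,
      "redirect_uri" -> redirectUri,
      "state" -> state)
    "https://accounts.google.com/o/oauth2/auth?" +
      params.map { case (k, v) => enc(k) + "=" + enc(v) }.mkString("&")
  }

  // Reject the callback unless it echoes the state kept in the session.
  def stateMatches(sessionState: Option[String], callbackState: Option[String]): Boolean =
    (sessionState, callbackState) match {
      case (Some(a), Some(b)) => MessageDigest.isEqual(a.getBytes(UTF_8), b.getBytes(UTF_8))
      case _                  => false
    }

  // Hypothetical local record; the Google id is the only lookup key, email is just data.
  case class LocalUser(googleId: String, email: String, name: String)
  private val usersByGoogleId = mutable.Map.empty[String, LocalUser]

  def findOrCreate(googleId: String, email: String, name: String): LocalUser =
    usersByGoogleId.getOrElseUpdate(googleId, LocalUser(googleId, email, name))

  def main(args: Array[String]): Unit = {
    val state = newState()
    println(authorizationUrl("your_client_id", "https://example.test/callback", state))
    println(stateMatches(Some(state), Some(state)) && !stateMatches(Some(state), None))
  }
}
```

Exchange the `code` for tokens only after `stateMatches` returns true, and create the session only after `findOrCreate` has resolved the user from the `id` field of the profile response.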
