Skip to content

Getting Started With SocialAuthFilter

Jump to bottom
p4w3l edited this page Oct 30, 2015 · 2 revisions

Using SocialAuth ServletFilter

Prerequisites


Authenticating using the external oAuth providers requires that we register our application with the providers and obtain a key/secret from them that will be configured in our application. So following steps are needed to be set up before we can begin.
  1. Public domain - You will need a public domain for testing. You should have a public domain because most of the providers require a public domain to be specified when you register an application with them.
  2. Get the API Keys: You can get the API keys from the following URLs. * Google (show screenshot) - http://code.google.com/apis/accounts/docs/RegistrationForWebAppsAuto.html * Yahoo (show screenshot) - https://developer.apps.yahoo.com/dashboard/createKey.html * Twitter - http://twitter.com/apps * Facebook - http://www.facebook.com/developers/apps.php * Hotmail (show screenshot) - http://msdn.microsoft.com/en-us/library/cc287659.aspx * FourSquare - (show screenshot) - https://foursquare.com/oauth/ * MySpace - (show screenshot) - http://developer.myspace.com/Apps.mvc * Linkedin - (show screenshot) - https://www.linkedin.com/secure/developer * Salesforce - (show screenshot) * Yammer - (show screenshot) - https://www.yammer.com/client_applications * Mendeley - (show screenshot) - http://dev.mendeley.com/applications/register/
  • You can now develop the application using keys and secrets obtained above and deploy the application on your public domain. However, most people need to test the application on a local development machine using the API keys and secrets obtained above.
  • We do not recommend it at all, but if you do not want to obtain your own keys and secrets while testing, you can use the keys and secrets that we obtained by registering "opensource.brickred.com" for our demo. Follow the same steps as above but with domain as "opensource.brickred.com" and keys from our sample.

Include Jars

Download socialauth-java-sdk-4.2.zip and include the following in your project from dist and dependencies folder.

  1. socialauth-4.2.jar
  2. socialauth-filter-2.4.jar
  3. jars from dependencies folder

You can also include maven depedency if you are creating maven project as given below:

<dependency>
    <groupId>org.brickred</groupId>
    <artifactId>socialauth-filter</artifactId>
    <version>2.4</version>
</dependency>

Implementation

socialauth-filter.jar contains a filter class and set of helper classes which are responsible for smoothly interaction between your web application and socialauth library. SocialAuthSecurityFilter is the filter class for managing socialauth-provider connection flow. It redirects to the actual provider for login and handles the callback. Once the user provides credentials and the provider redirects back to your application, one of the callback methods is called. This jar consists of other important classes (i.e. DefaultSASFHelper & SASFStaticHelper) which actually wrap low level socialauth-library objects.

  1. Add filter definition in web.xml.
<filter>
    <filter-name>SocialAuthSecurityFilter</filter-name>
    <filter-class>de.deltatree.social.web.filter.impl.SocialAuthSecurityFilter        </filter-class>
</filter>
<filter-mapping>
    <filter-name>SocialAuthSecurityFilter</filter-name>
    <url-pattern>/SAF/*</url-pattern>
</filter-mapping>
  1. Add properties file in context param, it is used to configure filter settings.
<context-param>
    <param-name>properties</param-name>
    <param-value>socialauth_filter.properties</param-value>
</context-param>
  1. socialauth_filter.properties: This file consists of properties which are used to configure socialauth-filter api. Please note that this file should be included in your class path.
#file contains keys
oauth_consumers = oauth_consumer.properties
#filter url-mapping
filter.url = /SAF
#error page
error.page.url = /jsp/error.jsp
#callback URL on successful authentication
webapp.success.action = /socialAuthSuccessAction.do
  1. Create a property file like the sample oauth_consumer.properties using the consumer key and secrets obtained above. This file should be included in your classpath.
  2. Forward your auth provider requests to filter as shown in below example code.
/*struts sample code*/
String filterUrl = "/SAF/SocialAuth?id=" + id;
ActionForward fwd = new ActionForward("openAuthUrl", filterUrl, true);
  1. On successful authentication, filter api stores communication object (i.e. SASFHelper) in session so it can be obtained for accessing other profile information on successful page.
SASFHelper helper = SASFStaticHelper.getHelper(request);
Profile profile = helper.getUserProfile();
List<Contact> contactsList= helper.getContactList();
Clone this wiki locally