简体   繁体   English

如何在Play Framework 2.0中使用OAuth 2

[英]How to use OAuth 2 in Play Framework 2.0

So I am using scribe to connect to Facebook (OAuth 2).所以我正在使用抄写员连接到 Facebook (OAuth 2)。 However I am having trouble getting the authorization token.但是我在获取授权令牌时遇到问题。 On Play's website they say thatPlay 的网站上,他们说

"Version 2 is simple enough to be implemented easily without library or helpers,". “版本 2 非常简单,无需库或助手即可轻松实现,”。

However, I'm not quite sure how to do this!但是,我不太确定该怎么做!

I tried changing my routes file that would send the key to a built method.我尝试更改将密钥发送到构建方法的路由文件。

GET    /slivr_auth/*name        controllers.Application.getKey(name)

However, the auth key contains a '?'但是,授权密钥包含一个“?” in the url, so I can't capture it as a string.在 url 中,所以我无法将其捕获为字符串。

Any help or advice would be appreciated!任何帮助或建议将不胜感激!

To answer your specific question, you can get request (query) parameters by calling:要回答您的具体问题,您可以通过调用以下方式获取请求(查询)参数:

Controller.request().queryString()

Getting OAuth2 is easy but not trivial.获取 OAuth2 很容易,但并不简单。 It helps to have a working sample.它有助于获得工作样本。 I would recommend downloading Play1, and looking up the sample for Facebook Authentication.我建议下载 Play1,并查找 Facebook 身份验证示例。 And then porting the code over to Play2.然后将代码移植到 Play2。 I did the above and found the process very instructive.我做了上面的事情,发现这个过程很有启发性。 You will realize that each site and API has quirks/needs, so there is very little additional code that seems usable form one site to another.您会意识到每个站点和 API 都有怪癖/需求,因此从一个站点到另一个站点似乎可用的附加代码很少。

A more step-by-step answer is that there are several steps.一个更循序渐进的答案是有几个步骤。 First, you need to get an access_token and then you can use it.首先,你需要得到一个access_token ,然后你就可以使用它了。 To get an access_token you need to send the user to the sites authorization url, so far facebook this would be something like:要获得access_token ,您需要将用户发送到站点授权 url,到目前为止 facebook 这将类似于:

https://graph.facebook.com/oauth/authorize/?client_id=idFromFacebook&redirect_uri=http://yourdomain.com/auth

Once your user has accepted the authorization, the site will redirect the user with a code, something like http://yourdomain.com/auth?code=XYZ_ABC .一旦您的用户接受了授权,该站点将使用代码重定向用户,例如http://yourdomain.com/auth?code=XYZ_ABC You would then need to request from the sites access token url to get the access token.然后,您需要从站点访问令牌 url 请求以获取访问令牌。 For Facebook this would be something like:对于 Facebook,这类似于:

https://graph.facebook.com/oauth/access_token?client_id=idFromFacebook&client_secret=secredFromFacebook&code=XYZ_ABC&redirect_uri=...

The response from the above url would have the access_token in it.来自上述 url 的响应将包含access_token

Now, you can start using the access token to request information.现在,您可以开始使用访问令牌来请求信息。

I don't know if it might help, but I've created a Play 2.x client in Scala and Java which supports OAuth/CAS/OpenID/HTTP authentication and user profile retrieval: https://github.com/leleuj/play-pac4j .我不知道它是否有帮助,但我在 Scala 和 Java 中创建了一个 Play 2.x 客户端,它支持 OAuth/CAS/OpenID/HTTP 身份验证和用户配置文件检索: https://github.com/leleuj/玩 pac4j

For OAuth support, it's based on Scribe and supports Facebook, Twitter, Google, Yahoo, DropBox, Github, LinkedIn, Windows live, WordPress...对于OAuth支持,它基于Scribe,支持Facebook、Twitter、Google、Yahoo、DropBox、Github、LinkedIn、Windows live、WordPress...

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM