User Registration by Email in SecureSocial, How to? - scala

A bit of a problem here. Well, I figured out how to store users signing up from FB/Twitter using SecureSocial, but how am I to register users using email registration? Can anyone provide me with a brief explanation of how one does it in SecureSocial? I have googled a lot to find tutorials about how that's done, but to no avail.
Yes, of course I can store the token data easily, but in the case of email users, how am I to integrate the stored data with the user trying to log in through the email-password menu? I am confused by the whole workflow of registering a user by email.
Since I am new to Scala, and even newer to SecureSocial, I couldn't get the user registration working properly, and didn't properly understand the guide provided on the SecureSocial site regarding this matter.
It would be helpful if you could provide me with any pointers, or point me to resources/tutorials covering this part.

Well, I researched my own question and gained some ideas about Token.
As the name itself describes, Tokens are like real-world tokens/tickets:
Token ids in SecureSocial are exactly Java UUID generated keys, which are unique and used to describe whether a particular SecureSocial request is valid or not.
For example, if you have used SecureSocial, you might have come across links like:
http://someapp.com/signup/xxxx-xxxx-xxxx-xxxx
The most important part of the Token object is the token-id => xxxx-xxxx-xxxx-xxxx. It's unique and you will find it in every link connected to email registration and its other functionalities, like:
Password Change Links
SignUp Links
I'll try posting more elaborate answers after I learn more about SecureSocial.
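The token workflow described in the answer above, as an added example in Python; it is not SecureSocial's own code. The `Token`, `TokenStore`, `issue`, `consume` and `signup_link` names are hypothetical, and a random `uuid4` stands in for the Java UUID. It shows how the id in the mailed link is tied back to the e-mail address, and why the token should be checked for purpose, expiry and single use before an account is created or a password changed.

```python
import uuid
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

@dataclass(frozen=True)
class Token:
    token_id: str         # random UUID, the xxxx-xxxx-xxxx-xxxx part of the link
    email: str            # address the link was mailed to
    expires_at: datetime  # links are only valid for a limited time
    is_signup: bool       # True: sign-up link, False: password-change link

class TokenStore:
    """In-memory stand-in for the table an application would persist tokens in."""

    def __init__(self, ttl_minutes=60):
        self._ttl = timedelta(minutes=ttl_minutes)
        self._tokens = {}

    def issue(self, email, is_signup, now=None):
        now = now or datetime.now(timezone.utc)
        token = Token(str(uuid.uuid4()), email.strip().lower(),
                      now + self._ttl, is_signup)
        self._tokens[token.token_id] = token
        return token

    def consume(self, token_id, expect_signup, now=None):
        """Return the e-mail bound to a valid token and delete it; None if invalid."""
        now = now or datetime.now(timezone.utc)
        try:
            key = str(uuid.UUID(token_id))   # reject anything that is not a UUID
        except (ValueError, AttributeError, TypeError):
            return None
        token = self._tokens.get(key)
        # A password-change token must not be accepted on the sign-up route.
        if token is None or token.is_signup != expect_signup:
            return None
        del self._tokens[key]                # single use; also purges expired tokens
        if now >= token.expires_at:
            return None
        return token.email

def signup_link(base_url, token):
    """Build the link that is e-mailed to the user."""
    return f"{base_url.rstrip('/')}/signup/{token.token_id}"
```

The e-mail returned by `consume` is the identity to create the password account for; the address typed into the form after the click is not trusted.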

Related

How can I get Google OAuth on a catalyst app?

I've been trying to use Google's OAuth for authentication on a Catalyst app. I've tried using CatalystX::OAuth2 and Catalyst::Authentication::Credential::OAuth but it seems I get stuck on configuration.
I'd like to get it working on Google and then proceed to Facebook
Any good advice out there? I've googled to death, but there doesn't seem to be a lot out there.
I realise this question is almost 2 years old but just in case it helps anyone else, here is some information obtained from a couple of weeks of testing and debugging. I've also published a test oauth2 client project using CatalystX::OAuth2 at https://github.com/simonamor/oauth2-client - it sort of works with Google although I've not done anything with the token yet such as fetching user profile information and the 'protected' page is broken currently. It might be enough to point you in the right direction though.
There seemed to be a problem with CatalystX::OAuth2 in that it didn't send a scope value, nor could I find a way to make it send one and yet Google's API requires one. Not all providers have this requirement so work ok. Having made a slight alteration to a local copy of CatalystX::OAuth2, I managed to get it to authenticate via Google. The (minor) changes are in a fork of this module, also in my github account.
Visit the Google developers console and create the OAuth2 credentials to use. You'll need them below.
To my oauth2client.yml (from the github project referenced above) I added the following:
Plugin::Authentication:
  default:
    credential:
      grant_uri: [provided by google, ends]/o/oauth2/v2/auth
      token_uri: [provided by google, ends]/oauth2/v4/token
      client_id: [issued by google]
      client_secret: [issued by google]
      scope: [provided by google, ends]/auth/userinfo.profile
I don't have a reputation high enough to post more than two links so apologies for missing out parts of the urls above!
This was the only real configuration I needed to setup. By modifying the credential settings I've also used it successfully with dropbox.com as well.
I'm still working on the OAuth2 server side of things and those are the default config within the project which is why you need to add an extra section for Google.
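The missing-scope problem described in the answer above, as an added example in Python; it is not code from CatalystX::OAuth2 or from the linked project. The dictionary mirrors the keys of the credential block, the `idp.example` and `app.example` hosts and the client values are constructed placeholders (the post elides the real ones), and the function names are hypothetical. It refuses to build the authorization redirect when no scope is configured and checks the `state` value on the callback.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Constructed credential block using the same keys as the YAML above.
CREDENTIAL = {
    "grant_uri": "https://idp.example/o/oauth2/v2/auth",
    "token_uri": "https://idp.example/oauth2/v4/token",
    "client_id": "example-client-id",
    "client_secret": "example-client-secret",
    "scope": "https://idp.example/auth/userinfo.profile",
}

def build_authorization_url(cred, redirect_uri, state=None):
    """Return (url, state) for the authorization-code redirect."""
    # Fail early instead of sending a request the provider will reject.
    missing = [k for k in ("grant_uri", "client_id", "scope") if not cred.get(k)]
    if missing:
        raise ValueError("credential block lacks: " + ", ".join(missing))
    if urlsplit(cred["grant_uri"]).scheme != "https":
        raise ValueError("grant_uri must use https")
    state = state or secrets.token_urlsafe(32)   # anti-CSRF value kept in the session
    query = urlencode({
        "response_type": "code",
        "client_id": cred["client_id"],
        "redirect_uri": redirect_uri,
        "scope": cred["scope"],
        "state": state,
    })
    # client_secret is deliberately absent: it is only sent to token_uri,
    # server to server, never through the browser.
    return cred["grant_uri"] + "?" + query, state

def check_callback(callback_url, expected_state):
    """Return the authorization code only if the state round-tripped intact."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    code = params.get("code", [""])[0]
    if not code or not hmac.compare_digest(state.encode(), expected_state.encode()):
        return None
    return code
```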
If you provided some info, like where you are stuck and why, I might be able to help.
The cpan has an example config. If you are not using a config file, you can also add it in your Catalyst app, though I would recommend using a config file, there just paste in the example with the data you need specifically.

Is OAuth suitable for this scenario?

I'm new to OAuth and I would really appreciate it if someone could give me a hand with my problem. I need to create a simple web application to track expenses, with some basic actions (user must be able to create an account and log in, list expenses, edit them, etc.) with a REST API for each one, and the trick is that I need to be able to pass credentials to both the webpage and the API. So, after some research I've found some examples using Digest Authentication and HMAC Authentication, but a lot of posts also mentioned OAuth as an alternative approach, so my question is: given this scenario, would it be proper to use OAuth? I mean, as far as I understand, OAuth is suitable when you want to share resources with another application, which I'm not doing for this project; besides that, when you try to access the shared resource, a page appears requesting permission for the foreign application. Would that page appear at some point in my application? (Maybe after the login?)
Thanks in advance guys
In your current scenario it does not make sense to use OAuth. It's not what OAuth is designed for.
If your application ecosystem is going to have multiple webapps running on a single SSO (like google) then it is very helpful to have OAuth.
Suggestion: Decide based on your business/operation plan and implement accordingly.
Note: If you plan to have 10 apps in the span of the next 5 years but only have one app now it does not make sense to spend time to implement complex protocols like OAuth right now. Scale as you grow.

Sending SAML request to NetSuite

I've been navigating and toying with features of NetSuite, and one feature that I came across was the SAML single sign-on. I cannot understand how it works or even get it working.
I've read the numerous SAML documents on suiteanswers however, they leave me puzzled.
Does anyone have a working netsuite SAML code example or documentation?
A hurl.it would suffice also!
Thanks in advance
I don't have a specific SAML snippet, but IIRC SSO needs to be enabled/provisioned. Kindly navigate to Setup, Company, View Billing Information. There must be users provisioned towards the bottom under: Two Factor Authentication Users (Should show Provisioned Quantity and Used Quantity.) I believe there is also a place on Role Permissions where a Role can be defined as single Sign On ONLY - but I don't think that is what you are asking.
Like I said, I have no snippet; however, on the SuiteAnswers site, they give me a reference link that has a PDF that shows a sample for you. The PDF itself is located here: https://system.netsuite.com/core/media/media.nl?id=7490306&c=NLCORP&h=cd5c1c4877483ebab26b&_xt=.pdf
I've made an offline http nonsecured version here stored in Dropbox: https://www.dropbox.com/s/ohiu6f308szu6rd/SAML_Setup_ADFS_Netsuite.pdf

creating user login in derby js

It seems that basic functionality such as user login, can not be done in simple manner: to have username and password field in form on client and based on that to create store.readPathAccess model access rights. Also, how to check if user is logged in to implement access rights on routes?
Based on examples and (poor) DerbyJS documentation, if I understood it correctly, you have to implement login in server module (lib/server/*) because:
store.readPathAccess must be used in server side
you want to store data in model session (which can be read only on server side)
But many questions arise:
if it has to be done on server side, how to get and store client form data on server side without having problem with second item below on the list (I have done it with manually submitting data to server-only route, but can not then save it in model with local key because I have to redirect to client route after that and local model data is lost)
how to read later that data if it must be stored in session?
even if the store access rights for model is managed, how to check if this specific user is logged in when in client routes?
I'm quite confused at the moment... I liked the Derby principles, but these authentication problems are seriously playing with my nerves.
I know I may not be quite clear, but there are many points to go in details and if anyone can help I'll gladly give more required info.
Thank you,
Eddie
I found this library today called derby-auth.
It uses passport for signing in and has a good example using a simple register and login form.
What it does is to set some routes on the server for logging the user, and a middleware to tell the client if it's logged or not.
It does have some bugs (a few callback calls missing that break some things), so I wrote my own based on that, but I must clean up a lot of things before uploading it anywhere.
I'd be glad to send it to you if you want, though.
The most current library is https://github.com/derbyparty/derby-login
It has been updated pretty regularly and works with derbyjs 0.6

Read my Facebook application's publish stream posts

I created a number of posts on behalf of the user by issuing an HTTP POST request to (PROFILE_ID/feed) with the publish_stream. Sample:
https://graph.facebook.com/me/feed?
I got everyone's post ids, but when I'm trying to access and read them I'm getting a "false" response.
I was at a Perl Mongers meeting (Los Angeles) last week where the presentation was on integration with Facebook. In particular, one of the developers was discussing his new module, Facebook::Graph. He indicated that in producing the module he learned a lot about what Facebook would do if you request information but don't provide everything it is expecting in your request. Your problem description sounds like a case in point.
The module's description is:
This is a Perl interface to the Facebook Graph API
http://developers.facebook.com/docs/api. With this module you can
currently query public Facebook data, query privileged Facebook data,
and build a privileged Facebook application. See the TODO for all that
this module cannot yet do.
There is a companion POD for that module called Facebook::Graph::Cookbook. It contains a couple of cookbook examples.
While the module is still fairly new and under development, I know that the individual who worked on it has spent many hours working on it in a professional setting where solid results are expected. I'm confident that he "got it right." It's currently being used by a high-traffic well known website.
There's no point trying to re-implement interfacing with this API when someone else has done a good job of it already. Through the discussion that took place after the presentation I know that the module has gone through extensive testing. That's not to say it's perfect, but it's probably a hundred or more man-hours further along the journey.
It's my suggestion that you implement your Facebook Graph interactions through using this module. I suspect when you do, many of your headaches will go away.
You'll need to ask for the read_stream permission to do this