Jérôme I think its worth publishing to the forum if we actually came up with some useful information. Otherwise not. This is not a discussion I'd find useful until some conclusion is reached.
I'm attaching (a) my pom.xml and (b) the output from Maven. I moved my ~/.m2 file (I'm on windows) and then ran the mvn jetty:run task. Once you use Maven, if everything doesn't work just right there is trouble. As you can see it didn't work. Its complaining of a checksum failure. As I said I did take time to get it to work, but I haven't looked into the details. I didn't see a Google2Provider at the time -- it would be _much_ easier if all the code was in one place and not in 3 separate libraries from my point of view! The demo didn't have one, so I assumed it didn't exist. This is pretty important to me from a practical point. I'm just-about prepared to take a single library and make fixes as needed (but I have to have the source in my debugger of course) but three is too much work. When I looked at your scribe-up-shiro-demo from the .ini it looked as if the OAuthRealm takes aprovider, so I'd need a lot of realms to deal with a lot of providers. Perhaps that's OK, but I decided to take my own route at that point. I did load buji-oauth from Github but it wasn't obvious how to adapt it, _and_ I was having trouble with Maven. --- You ask what I want. The demo does this at the moment. The client posts a login request to a login servlet (com.cilogi.shiro.web.oauth.OAuthLoginServlet). This works out the token type (from a parameter) and sends to the code-providing url for that provider. ON redirect we pick up the provider type and send the code off to get a token. I have abstracted (for Google and Facebook) the JSON -> Info as OAuthInfo. With the token verified I get the email from the OAuthInfo, create a new user if needed, and then login. You say that the user registration bit is specific to me, but almost everyone will need to register the user one way or another. Anyway, its just not clear to me how to get from your demo to what I want -- an explicit login, followed by registration (of email) and authentication. Here's a for-instance. The user tries to access a URL. The spec in my shiro.ini example is /settings.ftl = authc This must be accessed by anyone who is authenticated. Not just facebook users. The demo sends you to a login page which posts to the servlet I mentioned, which authenticates and then redirects to the requested URL. It wasn't clear (to me) from your demo how to do this as you were sending each provider to a separate page. You have my code. There is a package com.cilogi.shiro.oauth, and com.cilogi.oauth.provider. If I can use Buji to remove the need for this code (perhaps with an override of your OAuth realm for my database stuff) that would be great. I'll quite understand if you don't want to get involved further, but the ball's in your court. If you can explain, either in text or code how to do this that would be great. Tim On 11 October 2012 09:56, jleleu [via Shiro User] < [email protected]> wrote: > Hi Tim, > > I prefer to keep public answers which can help others. > > About you Maven issues, it's really strange : the sonatype snapshots > repository is defined in the parent pom (oss-parent) and the dependencies > you added are already defined in scribe-up project. > > For Google, you're right, you have to define the end-point, but you can do > that in buji-oauth by using the Google2Provider and setting its scope to : > EMAIL (PROFILE and EMAIL_AND_PROFILE are also possible). > > I'm in line with having a common profile to ease work with multiple > providers. To check and add users into database, it's somehow really > specific to your environement. But, you can customize the Realm as usually > for Shiro projects. In this case, it's the OAuthRealm on which you can > override the doGetAuthenticationInfo or doGetAuthorizationInfo methods > according to your needs. > > About nonce, I integrated a pull request to add the use of the state > parameter in Facebook case. > > About showing you how to duplicate current functionnaly with less code, > it's exactly the objective of the demo : > https://github.com/leleuj/scribe-up-shiro-demo. Showing to everybody how > to use buji-oauth. > Less code is easy as you re-develop most of what is already in buji-oauth, > but more configuration is also required. > I'll send you a private email for this. > > In buji-oauth, you already have the following providers : Facebook, Google > (OAuth 1.0 & 2.0), Twitter, DropBox, LinkedIn, Yahoo, Windows Live, > WordPress and GitHub with very complete profiles (just not only the email). > It's too bad not to leverage your work on this. > > Best regards, > Jérôme > > > ------------------------------ > If you reply to this email, your message will be added to the discussion > below: > http://shiro-user.582556.n2.nabble.com/OAuth-demo-tp7577850p7577858.html > To start a new topic under Shiro User, email > [email protected] > To unsubscribe from Shiro User, click > here<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=582556&code=dGltLm5pYmxldHRAY2lsb2dpLmNvbXw1ODI1NTZ8MTMwMDYyMTY=> > . > NAML<http://shiro-user.582556.n2.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml> > out.txt (80K) <http://shiro-user.582556.n2.nabble.com/attachment/7577859/0/out.txt> pom.xml (4K) <http://shiro-user.582556.n2.nabble.com/attachment/7577859/1/pom.xml> -- View this message in context: http://shiro-user.582556.n2.nabble.com/OAuth-demo-tp7577850p7577859.html Sent from the Shiro User mailing list archive at Nabble.com.
