jaliss / securesocial

A module that provides OAuth, OAuth2 and OpenID authentication for Play Framework applications

Home Page: http://www.securesocial.ws

License: Apache License 2.0

Ruby 1.43% Scala 78.04% Java 11.21% NewLisp 1.09% Perl 6 1.05% HTML 6.09% JavaScript 1.10%

securesocial's Introduction

SecureSocial for Play 2

SecureSocial allows you to add an authentication UI to your app that works with services based on OAuth1, OAuth2 and OpenID protocols. SecureSocial provides Scala and Java APIs so you can integrate it using your preferred language.

Check the project web site for more information: http://www.securesocial.ws

SecureSocial for Play 1.x

The old version of SecureSocial is under the 1.x branch now. The ‘master’ branch is for the Play 2 version only.

Written by Jorge Aliss (@jaliss)

License

SecureSocial is distributed under the Apache License, Version 2.0.

securesocial's People

Contributors

aladagemre, alexjoom, amertum, anfuerer, chazmcgarvey, chrisbeach, cspada, danielkza, ealden, fayimora, francisdb, gerbrand, gmethvin, jaliss, jeantil, jglodek, joscha, jtjeferreira, katrinsharp, l0rdn1kk0n, magro, mvallerie, nelsonblaha, normenmueller, platypii, poornerd, qiuzhanghua, siman, winger, yankov

securesocial's Issues

scala.tools.nsc.interactive.FreshRunReq Error while compiling my Play2 app

I've integrated secureSocial as a module in my Play2 app

my main Play project depends on the SecureSocial Module (from Build.scala)

val secureSocial = PlayProject("securesocial", ...... , path = file("modules/securesocial"))

val main = PlayProject(....).settings(.....).dependsOn(secureSocial)

Jenkins (CI server) invokes: sbt clean test deploy and fails.
[error] compile:sources: scala.tools.nsc.interactive.FreshRunReq

Following this reference https://groups.google.com/forum/?fromgroups#!topic/play-framework/WquHeHQvUKA, which suggested removing the .aggregate(secureSocial), didn't help.

Any hints? Could it be that uploading SecureSocial to a local Maven repository will help? If so, how can I do that?

Google and Yahoo auth not working with https callback url

When I try to authenticate with the Google or Yahoo providers using https://www.mydomain.com/auth/google as the callback URL, I get the following error:

@68ncimf3o
Error authenticating user

No route found
No route able to invoke action https://www.mydomain.com/auth/google with arguments {} was found.

play.exceptions.NoRouteFoundException: No route found
at play.mvc.Router.reverse(Router.java:534)
at play.mvc.Router.reverse(Router.java:313)
at play.libs.OpenID.verify(OpenID.java:138)
at securesocial.provider.OpenIDProvider.doAuth(OpenIDProvider.java:97)
at securesocial.provider.OpenIDOAuthHybridProvider.doAuth(OpenIDOAuthHybridProvider.java:85)
at securesocial.provider.IdentityProvider.authenticate(IdentityProvider.java:67)
at controllers.securesocial.SecureSocial.authenticate(SecureSocial.java:189)
at play.mvc.ActionInvoker.invokeWithContinuation(ActionInvoker.java:546)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:500)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:476)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:471)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:159)
at Invocation.HTTP Request(Play!)

I found out that the OpenIdProvider class from the secureSocial module, in method getFullUrl(), is using OpenID.java.
On line 138 of OpenID.java I discovered that the 'else' part of this code:

        if (returnAction != null && returnAction.startsWith("http://")) {
            url += "&openid.return_to=" + URLEncoder.encode(returnAction, "utf8");
        } else {
           url += "&openid.return_to=" + URLEncoder.encode(Request.current().getBase() + Router.reverse(returnAction), "utf8");
        }

is causing the error. It seems like Router.reverse is causing this error.

I'm using Play 1.2.3.

Is it possible to use the module with https when I use hybrid providers? Can anyone help me with it?
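The branch quoted in this issue treats only strings starting with "http://" as absolute URLs, so an "https://" callback falls through to the route lookup. The added example below (not code from Play or SecureSocial) reproduces that behaviour next to a scheme-aware check; ActionResolver and the one-entry route table are hypothetical stand-ins for Router.reverse.

```java
import java.io.UnsupportedEncodingException;
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URLEncoder;

public class ReturnToExample {

    /** Hypothetical stand-in for Play's Router.reverse(); not the framework's API. */
    interface ActionResolver {
        String reverse(String action);
    }

    /** Same branching as the snippet quoted in the issue: only "http://" is absolute. */
    static String returnToAsQuoted(String returnAction, String base, ActionResolver router)
            throws UnsupportedEncodingException {
        if (returnAction != null && returnAction.startsWith("http://")) {
            return "&openid.return_to=" + URLEncoder.encode(returnAction, "UTF-8");
        }
        return "&openid.return_to="
                + URLEncoder.encode(base + router.reverse(returnAction), "UTF-8");
    }

    /** True only for a well-formed absolute http or https URL that has a host. */
    static boolean isAbsoluteWebUrl(String s) {
        if (s == null) {
            return false;
        }
        try {
            URI u = new URI(s);
            String scheme = u.getScheme();
            return u.getHost() != null
                    && ("http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme));
        } catch (URISyntaxException e) {
            return false;
        }
    }

    /** Scheme-aware variant: absolute URLs pass through, anything else is an action name. */
    static String returnToSchemeAware(String returnAction, String base, ActionResolver router)
            throws UnsupportedEncodingException {
        String target = isAbsoluteWebUrl(returnAction)
                ? returnAction
                : base + router.reverse(returnAction);
        return "&openid.return_to=" + URLEncoder.encode(target, "UTF-8");
    }

    public static void main(String[] args) throws Exception {
        // Constructed route table: a single action name mapped to a single path.
        ActionResolver router = action -> {
            if ("securesocial.SecureSocial.authenticate".equals(action)) {
                return "/auth/google";
            }
            throw new IllegalStateException("No route able to invoke action " + action);
        };
        String base = "https://www.mydomain.com";
        String callback = "https://www.mydomain.com/auth/google";

        try {
            // The https callback is not recognised as a URL and is looked up as an action.
            returnToAsQuoted(callback, base, router);
        } catch (IllegalStateException e) {
            System.out.println("quoted check: " + e.getMessage());
        }
        System.out.println("scheme-aware: " + returnToSchemeAware(callback, base, router));
        System.out.println("action name:  " + returnToSchemeAware(
                "securesocial.SecureSocial.authenticate", base, router));
    }
}
```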

Missing Javascript directory in module root

Missing the /public/javascripts/jquery-1.5.2.min.js directory and file in module root. Simple enough to copy from one of the samples-and-tests, but, still should be working out of the box. - nice job on this module!

Logout does not log the user completely out

Hi,

I'm using a single provider (LinkedIn) to log a user into my application.

On logout, the user is logged out from the application but not LinkedIn. This means that it's possible to re-login without entering username/password.

Is it possible to log the user out of the provider not just the application? This would be handy (and more secure) so that multiple users can use the same PC to login. Currently, to switch users, I have to go to LinkedIn and sign out before I can re-login into my app as someone else.

Thank you.

Trying to get sample running...

I've tried getting the sample running.
I've copied module_core into samples/scala/demo/modules/securesocial

I've changed my current directory to samples/scala/demo
typing sbt results in the error below:

sbt
[info] Loading project definition from /Users/michaelg/Workspaces/PushTest1/securesocial/samples/scala/demo/project
[warn] ::::::::::::::::::::::::::::::::::::::::::::::
[warn] :: UNRESOLVED DEPENDENCIES ::
[warn] ::::::::::::::::::::::::::::::::::::::::::::::
[warn] :: play#play_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module([sbtVersion])/[revision]/[artifact]-revision.[ext]
[warn] :: play#templates_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module(
[sbtVersion])/[revision]/[artifact]-revision.[ext]
[warn] :: play#console_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module([sbtVersion])/[revision]/[artifact]-revision.[ext]
[warn] :: com.typesafe.akka#akka-actor;2.0: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module(
[sbtVersion])/[revision]/[artifact]-revision.[ext]
[warn] ::::::::::::::::::::::::::::::::::::::::::::::
[error] {file:/Users/michaelg/Workspaces/PushTest1/securesocial/samples/scala/demo/project/}default-c378e8/*:update: sbt.ResolveException: unresolved dependency: play#play_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module([sbtVersion])/[revision]/[artifact]-revision.[ext]
[error] unresolved dependency: play#templates_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module(
[sbtVersion])/[revision]/[artifact]-revision.[ext]
[error] unresolved dependency: play#console_2.9.1;2.0.2-RC2: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module([sbtVersion])/[revision]/[artifact]-revision.[ext]
[error] unresolved dependency: com.typesafe.akka#akka-actor;2.0: invalid start of optional part at position 92 in pattern http://repo.typesafe.com/typesafe/releases/FileRepository(Local Repository,FileConfiguration(true,None),sbt.Patterns@795d80cf)/[organisation]/module(
[sbtVersion])/[revision]/[artifact]-revision.[ext]
Project loading failed: (r)etry, (q)uit, (l)ast, or (i)gnore?

I'm still new to Play, but am I doing something wrong?

SecuredAction with conditions

Hi guys,

SecureSocial is working great, but I wonder if it would be possible to add conditions to SecuredAction.

For example, when I log in, I'm only able to edit/remove posts/news which I added. I'm thinking about a mechanism such as:

SecuredAction(user.id.id == XYZ)

or

SecuredAction(user.role == "abc") // let's say I already extended SecureSocial and added roles.

I'm willing to implement conditions in SecuredAction, but need your input and comments.

thanks,
Łukasz

Allow customisation of the name of user field added to renderArgs

Currently the module inserts a user object into the render args to allow access to the SocialUser in templates. However, the recommended usage of SocialUser is to translate it to a custom domain user that is persisted in the database, so it is that user object which is more useful in templates.

I'd like to be able to specify in config what securesocial calls its injected user render arg, e.g. I'd reserve the "user" renderArgs for my own user object and rename the securesocial one to "socialuser".

Authentication fails when http.path specified

When I specify
http.path=/myapp/

in app.conf, the authentication works with the
@with( SecureSocial.class ) annotation. However, after authenticating, the redirect should be sent to my controller. Instead it is sent to the play server at "/".

resulting in:
Not found

GET /
These routes have been tried, in this order :

GET       /@documentation/cheatsheet/{category}             PlayDocumentation.cheatSheet
GET       /@documentation/modules/{module}/files/{name}     PlayDocumentation.file
GET       /@documentation/modules/{module}/images/{name}    PlayDocumentation.image
GET       /@documentation/modules/{module}/{id}             PlayDocumentation.page
GET       /@documentation/files/{name}                      PlayDocumentation.file
GET       /@documentation/images/{name}                     PlayDocumentation.image
GET       /@documentation/{id}                              PlayDocumentation.page
GET       /@documentation/?                                 PlayDocumentation.index
GET       /myapp/auth/signup                          securesocial.UsernamePasswordController.signup
POST      /myapp/auth/signup                          securesocial.UsernamePasswordController.createAccount
GET       /myapp/auth/activate/{uuid}                 securesocial.UsernamePasswordController.activate
GET       /myapp/auth/login                           securesocial.SecureSocial.login
GET       /myapp/auth/logout                          securesocial.SecureSocial.logout
GET       /myapp/auth/{type}                          securesocial.SecureSocial.authenticate
GET       /myapp/auth/public/                         staticDir:public
GET       /myapp/                                     Application.index 

Propose previous login method to user

As JanRain Engage does, we might want to suggest that the user log in again using the previous login method.

User logs in with twitter
Save cookie "twitter"
Session times out
User comes back to site
Suggest twitter login (add link "want to log in with other service?")

This will prevent a user from logging in with a different social account the second time.

Issue compiling with 0.2.5

When upgrading to 0.2.5 in dependencies.yml, it no longer sees SecureSocial. Going back to 0.2.4 works fine. The error occurs at:

import controllers.securesocial.SecureSocial;
import controllers.securesocial.SecureSocialPublic;

RuntimeException: Uncompiled class: securesocial.provider.UserService$Service

Hi,

as already posted on the play mailing list, I get an error when using securesocial and running play test:

@69mc60o78
Internal Server Error (500) for request GET /@tests

Oops: UnexpectedException
An unexpected error occured caused by exception UnexpectedException: While applying class play.classloading.enhancers.ControllersEnhancer on securesocial.provider.DefaultUserService

play.exceptions.UnexpectedException: While applying play.CorePlugin@1264ab4d on securesocial.provider.DefaultUserService
    at play.plugins.PluginCollection.enhance(PluginCollection.java:511)
    at play.classloading.ApplicationClasses$ApplicationClass.enhance(ApplicationClasses.java:235)
    at play.classloading.ApplicationClassloader.loadApplicationClass(ApplicationClassloader.java:165)
    at play.classloading.ApplicationClassloader.loadClass(ApplicationClassloader.java:84)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
    at java.lang.Class.getDeclaredConstructors0(Native Method)
    at java.lang.Class.privateGetDeclaredConstructors(Class.java:2389)
    at java.lang.Class.getConstructors(Class.java:1459)
    at play.plugins.PluginCollection.reloadApplicationPlugins(PluginCollection.java:199)
    at play.Play.start(Play.java:460)
    at play.Play.detectChanges(Play.java:629)
    at play.Invoker$Invocation.init(Invoker.java:198)
    at Invocation.HTTP Request(Play!)
Caused by: play.exceptions.UnexpectedException: While applying class play.classloading.enhancers.ControllersEnhancer on securesocial.provider.DefaultUserService
    at play.CorePlugin.enhance(CorePlugin.java:302)
    at play.plugins.PluginCollection.enhance(PluginCollection.java:506)
    ... 12 more
Caused by: java.lang.RuntimeException: Trying to visit uncompiled class while enhancing. Uncompiled class: securesocial.provider.UserService$Service
    at play.classloading.enhancers.Enhancer$ApplicationClassesClasspath.openClassfile(Enhancer.java:75)
    at javassist.ClassPoolTail.openClassfile(ClassPoolTail.java:335)
    at javassist.ClassPool.openClassfile(ClassPool.java:594)
    at javassist.CtClassType.getClassFile2(CtClassType.java:185)
    at javassist.CtClassType.subtypeOf(CtClassType.java:303)
    at javassist.CtClassType.subtypeOf(CtClassType.java:318)
    at play.classloading.enhancers.ControllersEnhancer.enhanceThisClass(ControllersEnhancer.java:37)
    at play.CorePlugin.enhance(CorePlugin.java:297)

How to reproduce it:

  1. Create a new play app: $ play new securesocialtest
  2. Add - play -> securesocial 0.2.4 to conf/dependencies.yml
  3. Run $ play deps
  4. Start tests: $ play test
  5. Request http://localhost:9000/@tests
    -> This shows the error, in the browser it's

Oops: UnexpectedException

An unexpected error occured caused by exception UnexpectedException:
While applying class play.classloading.enhancers.ControllersEnhancer on securesocial.provider.DefaultUserService

and stdout displays the cause as shown above.

[bug] set sample application module path as relative

When trying to run the sample app, the following error occurs:

sas@ubuntu:~/devel/apps/securesocial/samples-and-tests/testapp$ play deps
~        _            _ 
~  _ __ | | __ _ _  _| |
~ | '_ \| |/ _' | || |_|
~ |  __/|_|\____|\__ (_)
~ |_|            |__/   
~
~ play! 1.2.4-RC2, http://www.playframework.org
~
~ Resolving dependencies using /home/sas/Dropbox/Public/devel/play/apps/securesocial/samples-and-tests/testapp/conf/dependencies.yml,
~
~
~ No dependencies to install
~
~ *****************************************************************************
~ WARNING: These dependencies are missing, your application may not work properly (use --verbose for details),
~
~   securesocial->securesocial ->
~ *****************************************************************************
~
~ Some dependencies are still missing.
~
sas@ubuntu:~/devel/apps/securesocial/samples-and-tests/testapp$ 

Change the dependencies.yml file.

Issue compiling with 0.2.5

When I upgrade to 0.2.5 (By updating my dependencies.yml file), the SecureSocial object is no longer found. If I go back to 0.2.4 it works fine.

Https request to secured controller redirects to http login

Thanks Jorge for a GREAT Play plugin, it's awesome!

I'm running a webapp in Heroku and I'm using Secure social to secure my pages.
If I request my site using https when not logged in I get redirected to http://.../auth/login.
Do you know if this is caused by the Secure social plugin, Play or Heroku? Can it be fixed?

When logged in I can manually change the protocol to https, and when clicking on my internal links https remains.

Thanks once again for your great work.

Login error with securesocial-0.2.4 <- Facebook API change?!

Hello,

Facebook seems to have changed the API so that the "user.avatarUrl" is now to be found in a different place. Login with SecureSocial fails.

Fix: securesocial-0.2.4/app/securesocial/provider/providers/FacebookProvider.java Row 58

user.avatarUrl = me.get(PICTURE).getAsString();

must be =>

user.avatarUrl = me.getAsJsonObject(PICTURE).getAsJsonObject("data").get("url").getAsString();

Best regards!

SecureSocial with GAE

It doesn't seem to work for me

@OnApplicationStart
public class Bootstrap extends Job {

does not run at all

I even added a static block inside like

static {
    System.out.println("Bootstrap static");
    Bootstrap b = new Bootstrap();
    try {
        b.doJob();
    } catch (Exception e) {
        e.printStackTrace();
    }
}

Really, you cannot have checked exceptions inside a static block, but there is no call to this even if you remove the class part and just keep the println.

SecureSocial with Google App Engine?

Google provider broken on GAE

Could be related to this:
https://groups.google.com/forum/#!msg/play-framework/PLNXaI7DQ_Q/jTu1HpzIn0gJ

And maybe this:
http://stackoverflow.com/questions/5368535/java-httpurlconnection-issues-with-illegalstateargument-already-connected

Any pointers on how to fix this?

My stacktrace:

play.Logger niceThrowable: Error authenticating user
java.lang.RuntimeException: java.lang.RuntimeException: java.lang.RuntimeException: java.lang.IllegalStateException: Already connected
at play.libs.OpenID.getVerifiedID(OpenID.java:295)
at securesocial.provider.OpenIDProvider.doAuth(OpenIDProvider.java:102)
at securesocial.provider.OpenIDOAuthHybridProvider.doAuth(OpenIDOAuthHybridProvider.java:85)
at securesocial.provider.IdentityProvider.authenticate(IdentityProvider.java:67)
at controllers.securesocial.SecureSocial.authenticate(SecureSocial.java:197)
at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_$1.run(Method_.java:165)
at java.security.AccessController.doPrivileged(Native Method)
at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.privilegedInvoke(Method_.java:163)
at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke_(Method_.java:124)
at com.google.apphosting.runtime.security.shared.intercept.java.lang.reflect.Method_.invoke(Method_.java:43)
at play.mvc.ActionInvoker.invokeWithContinuation(ActionInvoker.java:548)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:502)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:478)
at play.mvc.ActionInvoker.invokeControllerMethod(ActionInvoker.java:473)
at play.mvc.ActionInvoker.invoke(ActionInvoker.java:161)
at play.server.ServletWrapper$ServletInvocation.execute(ServletWrapper.java:557)
at play.Invoker$Invocation.run(Invoker.java:278)
at play.server.ServletWrapper$ServletInvocation.run(ServletWrapper.java:548)
at play.Invoker.invokeInThread(Invoker.java:68)
at play.server.ServletWrapper.service(ServletWrapper.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1166)
at com.google.apphosting.utils.servlet.ParseBlobUploadFilter.doFilter(ParseBlobUploadFilter.java:102)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.runtime.jetty.SaveSessionFilter.doFilter(SaveSessionFilter.java:35)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at com.google.apphosting.utils.servlet.TransactionCleanupFilter.doFilter(TransactionCleanupFilter.java:43)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1157)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:388)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at com.google.apphosting.runtime.jetty.AppVersionHandlerMap.handle(AppVersionHandlerMap.java:249)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:923)
at com.google.apphosting.runtime.jetty.RpcRequestParser.parseAvailable(RpcRequestParser.java:76)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at com.google.apphosting.runtime.jetty.JettyServletEngineAdapter.serviceRequest(JettyServletEngineAdapter.java:135)
at com.google.apphosting.runtime.JavaRuntime$RequestRunnable.run(JavaRuntime.java:422)
at com.google.tracing.TraceContext$TraceContextRunnable.runInContext(TraceContext.java:449)
at com.google.tracing.TraceContext$TraceContextRunnable$1.run(TraceContext.java:455)
at com.google.tracing.TraceContext.runInContext(TraceContext.java:695)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContextNoUnref(TraceContext.java:333)
at com.google.tracing.TraceContext$AbstractTraceContextCallback.runInInheritedContext(TraceContext.java:325)
at com.google.tracing.TraceContext$TraceContextRunnable.run(TraceContext.java:453)
at com.google.apphosting.runtime.ThreadGroupPool$PoolEntry.run(ThreadGroupPool.java:251)
at java.lang.Thread.run(Thread.java:679)
Caused by: java.lang.RuntimeException: java.lang.RuntimeException: java.lang.IllegalStateException: Already connected
at play.libs.ws.WSUrlFetch$WSUrlfetchRequest.post(WSUrlFetch.java:112)
at play.libs.OpenID.getVerifiedID(OpenID.java:269)
... 50 more
Caused by: java.lang.RuntimeException: java.lang.IllegalStateException: Already connected
at play.libs.ws.WSUrlFetch$WSUrlfetchRequest.prepare(WSUrlFetch.java:187)
at play.libs.ws.WSUrlFetch$WSUrlfetchRequest.post(WSUrlFetch.java:109)
... 51 more
Caused by: java.lang.IllegalStateException: Already connected
at java.net.URLConnection.setRequestProperty(URLConnection.java:1040)
at com.google.apphosting.utils.security.urlfetch.URLFetchServiceStreamHandler$Connection.setRequestProperty(URLFetchServiceStreamHandler.java:229)
at play.libs.ws.WSUrlFetch$WSUrlfetchRequest.checkFileBody(WSUrlFetch.java:246)
at play.libs.ws.WSUrlFetch$WSUrlfetchRequest.prepare(WSUrlFetch.java:179)
... 52 more

Account activation link message incorrect if first attempt using wrong URL

With the built-in usernamepassword provider, if the first request to activate the user account contains an invalid URL (i.e. the user did not copy and paste the entire URL and uuid), the message correctly states "The activation link you followed is invalid." However, all subsequent requests with the correct activation URL will also return the invalid response to the user.

It seems that the second request (with the correct activation URL) is doing its job and activating, but the message echoed is not updated to the user. Not a big deal, since most users will be clicking a link.

Java demo IntelliJ errors

Hi,

I followed the instructions for including the SecureSocial module into my Play 2 application and managed to get it working without any issues.

After running "play idea" and launching IntelliJ the InMemoryUserService is showing up with errors (as well as all of the Java code within the SecureSocial module).

Not really sure what's going on here as it is working just fine in the play console.

Any help would be greatly appreciated.

Thank you.

Adding additional new account steps

Hi Jorge,

I'm looking to extend the authentication workflow slightly for the LinkedIn and Twitter providers to require the user to enter a valid unregistered email address for new accounts after the authentication happens but before the new user account is saved, to keep these accounts in line with users using identity providers that do provide an email address through their API. I was wondering if you had any ideas how this could be cleanly added into the existing flow. I've been looking at the LinkedInProvider/OAuth1Provider/IdentityProvider hierarchy but there doesn't seem to be a straight way forward. I guess it would mean a redirection to another controller to do the email capture and then redirect back to the authentication flow, via some return URL, where the user is saved, all the while maintaining the original URL for the final redirection. The IdentityProvider is really the definer of the workflow so I probably need to start there, but I don't want a parallel class hierarchy.

Java demo eclipsify

Hi !

I am trying to explore the Java sample in Eclipse, so:

  1. I copied the contents of the module-core into the modules/securesocial
  2. I went to the demo directory and tried a play and eclipsify:

[ssdemo-java] $ eclipsify
[info] About to create Eclipse project files for your project(s).
[info] Updating {file:/Users/fred/Desktop/demo2/}securesocial...
[info] Done updating.
[info] Compiling 26 Scala sources and 10 Java sources to /Users/fred/Desktop/demo2/modules/securesocial/target/scala-2.9.1/classes...
[info] Successfully created Eclipse project files for project(s):
[info] securesocial

All the necessary files were created in the modules/securesocial directory.

Did I forget something?

Play 1.x Roadmap?

Hi,

Are there going to be any releases after 0.2.4 or is all the focus on supporting Play 2? I only ask because I'll probably have to make the following enhancements and would like to contribute back if a new version will ever be released.

  • Out of the box use of database tables rather than hashmap (done)
  • Support for multiple identity providers, which would be consolidated against a single user record
  • Email as the username (no need to have both)
  • Overwrite any view or email template
  • Reset password
  • Resend activation link (i.e. don't lock the username)
  • Remember me
  • Enforced HTTPS

Cheers.

Redirect users to login if UserService can't find the user

If the request comes with a user in the session but UserService can't find it in the backing store the browser needs to be redirected to the login page.

This can happen when browsers send a valid cookie but the user information has been deleted from the backing store.

Custom mechanism to set original URL in login()

I have pages that can be accessed by the user whether they are logged in or not, and if they explicitly log in from a page they should be returned to that page. For this to work I'd like the originalUrl to be set to the HTTP Referer header at the beginning of the login method so the user is returned back to that page and not to ROOT on success. It would be nice if there was a mechanism to specifically customise the initialisation of originalUrl for login(), perhaps a callback to the UserService at the beginning. Does this sound reasonable or is there a simpler approach that I've missed? Thx, Chris
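The Referer header proposed above as the source for originalUrl is supplied by the request, so a post-login redirect built from it should be limited to the application's own origin. The added example below (not SecureSocial code) shows one such check; safeOriginalUrl, the base URL and the sample headers are hypothetical, constructed values.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class OriginalUrlExample {

    /** Port used for comparison when the URL does not state one explicitly. */
    private static int effectivePort(URI u) {
        if (u.getPort() != -1) {
            return u.getPort();
        }
        return "https".equalsIgnoreCase(u.getScheme()) ? 443 : 80;
    }

    /**
     * Returns the local path (plus query) of the Referer when it points at the
     * application's own origin, otherwise the fallback. Only a path is returned,
     * never the absolute URL, so the redirect cannot leave the site.
     */
    static String safeOriginalUrl(String referer, String appBase, String fallback) {
        if (referer == null) {
            return fallback;
        }
        try {
            URI ref = new URI(referer);
            URI app = new URI(appBase);
            if (ref.getScheme() == null || ref.getHost() == null) {
                return fallback; // relative or opaque value, e.g. "javascript:..."
            }
            boolean sameOrigin = ref.getScheme().equalsIgnoreCase(app.getScheme())
                    && ref.getHost().equalsIgnoreCase(app.getHost())
                    && effectivePort(ref) == effectivePort(app);
            if (!sameOrigin) {
                return fallback;
            }
            String path = ref.getRawPath();
            // "//host/..." would be read by browsers as a protocol-relative URL.
            if (path == null || !path.startsWith("/") || path.startsWith("//")) {
                return fallback;
            }
            String query = ref.getRawQuery();
            return query == null ? path : path + "?" + query;
        } catch (URISyntaxException e) {
            return fallback; // malformed header
        }
    }

    public static void main(String[] args) {
        String base = "https://www.mydomain.com"; // constructed application base URL
        String[] referers = {                      // constructed sample header values
            "https://www.mydomain.com/news/42?tab=comments",
            "https://www.mydomain.com:443/profile",
            "http://www.mydomain.com/profile",
            "https://www.mydomain.com.example.net/profile",
            "https://www.mydomain.com//example.net/profile",
            "not a url",
            null
        };
        for (String r : referers) {
            System.out.println(r + " -> " + safeOriginalUrl(r, base, "/"));
        }
    }
}
```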

Duplicate provider registration when running in eclipse

Could be gae-enabled problem, not sure

How to reproduce
play eclipsify
load project in eclipse
Use the generated .launch file to start the server in eclipse

When opening the first page I get this

Listening for transport dt_socket at address: 8000
20:11:21,146 INFO ~ Starting /home/francisdb/workspace/xxx
20:11:21,153 INFO ~ Module analytics is available (/home/francisdb/workspace/caramblaplay/mods/analytics)
20:11:21,153 INFO ~ Module securesocial is available (/home/francisdb/workspace/xxx/modules/securesocial-0.2.3)
20:11:21,154 INFO ~ Module less is available (/home/francisdb/workspace/xxx/modules/less-0.3)
20:11:21,154 INFO ~ Module gae is available (/home/francisdb/workspace/xxx/modules/gae-1.4)
20:11:22,392 WARN ~
20:11:22,392 WARN ~ Google App Engine module
20:11:22,392 WARN ~ ~~~~~~~~~~~~~~~~~~~~~~~
20:11:22,392 WARN ~ No Google App Engine environment found. Setting up a development environement
20:11:22,403 WARN ~
20:11:22,403 INFO ~ Detected that plugin 'play.modules.gae.GAEPlugin@353c375' disabled the plugin 'play.jobs.JobsPlugin@56c163f' the old way - should use Play.disablePlugin()
20:11:22,480 WARN ~ Using implementation version: Rhino 1.6 release 7 2007 08 19
20:11:22,975 WARN ~ You're running Play! in DEV mode
20:11:23,045 INFO ~ Listening for HTTP on port 9000 (Waiting a first request to start) ...
20:11:31,609 INFO ~ Registered Identity Provider: facebook
20:11:31,611 INFO ~ Using custom user service: class controllers.UserService
20:11:31,614 ERROR ~ Tried to register provider for type: facebook but it is registered already. Providers: {facebook=facebook}
20:11:33,175 ERROR ~

@697g8dnao
Internal Server Error (500) for request GET /

Oops: RuntimeException
An unexpected error occured caused by exception RuntimeException: There is already a provider registered for type: facebook

play.exceptions.UnexpectedException: Unexpected Error
at play.Play.start(Play.java:545)
at play.Play.detectChanges(Play.java:618)
at play.Invoker$Invocation.init(Invoker.java:198)
at Invocation.HTTP Request(Play!)
Caused by: java.lang.RuntimeException: There is already a provider registered for type: facebook
at securesocial.provider.ProviderRegistry.register(ProviderRegistry.java:46)
at securesocial.plugin.SecureSocialPlugin.onApplicationStart(SecureSocialPlugin.java:58)
at play.plugins.PluginCollection.onApplicationStart(PluginCollection.java:480)
at play.Play.start(Play.java:515)
... 3 more

Context not available for UserAware too

Hi!

You made a workaround for the current thread context not available in Secured annotation, but not in UserAware. Maybe it should be set by hand there too.

securesocial2: context not available in template

When using securesocial2 with Java, using lang(), session(), request and flash() within the templates seems to fail - these variables seem to not have been set, even when explicitly importing via
@import play.mvc.Http.Context.Implicit

Something seems to be broken regarding the context. This not being fixed makes it impossible to use any template based on those variables.

static route /public/ not needed

My application has these routes defined:

    *       /auth               module:securesocial
    GET     /                   Application.index
    GET     /public/            staticDir:public

securesocial module includes this route:
GET /public/ staticDir:public

  1. Open browser to "/". My Application.index points to an HTML template file with image resources resolved using "@{'/public/images/...'}"
  2. View source of rendered html and see the path is "/auth/public/images/..."

The path should be resolved to "/public/images/..." not "/auth/public/images/..."
If this route is removed from the module, everything still works and the path rendered is "/public/images/..."

Perhaps the module's /public/ folder is automatically made accessible?

Customize password hash in UsernamePasswordProvider?

Hi

from the source I can see that the UsernamePasswordProvider does a password check by using the play.libs.Crypto.passwordHash(String) method.

This enforces the user store to use the same method (or to store the password in plain text).

It wouldn't be a problem if the default hash algorithm in the play.libs.Crypto wasn't MD5, which has some security issues and is inferior to the other hashing algorithms supported there (SHA-1, SHA-256, etc.).

Is there any way to customize the password hash, except for changing the module code?
Even more - is there any way to customize the password check in UsernamePasswordProvider so that a user provided one is used (in case I don't want to use the play.libs.Crypto)?

Thank you
Vasil

Play 1.x originalUrl flash not working in Chrome

Hi,

Works in Firefox, but not in Chrome. Ends up redirecting to the / address because originalUrl is null.

For Chrome the flash is gone by the time it hits the code SecureSocial.authenticate, but it's fine for FF. I've tried this with all extensions turned off...

Will test in IE and another Chrome machine over the next day or so...

Cheers.

Allow unrestricted actions that populate 'user' if signed in

SecureSocial is all or nothing when it comes to restricting access. This is a bit limiting. I'd like to have the ability to have an action that is unrestricted but still has access to the 'user' renderArg if the user is signed in.

For example, say I want to have an index page that anyone can go to, but if a user is signed in then they are shown additional content and/or buttons. Right now I cannot do that with SecureSocial. The 'user' renderArg is only populated when the checkAccess interceptor method is called but that method forces login if the user is not logged in.

I'd like the interceptor method to have an option (based on an annotation?) to populate the 'user' renderArg if the user is logged in or simply do nothing.

I can sort of set this up myself now by calling getCurrentUser() in my own interceptor, but that is hackish and furthermore that method does not populate the .serviceInfo property on the user (which might be considered a bug in getCurrentUser() too).

Java demo does not compile

I have Windows 7, 64 bit
I have tried this with both play 2.0.2 and play 2.0.2-RC2

Java is:
java version "1.6.0_31"
Java(TM) SE Runtime Environment (build 1.6.0_31-b05)
Java HotSpot(TM) 64-Bit Server VM (build 20.6-b01, mixed mode)

I copied jaliss-securesocial-7ec359c\samples\java\demo to a different directory (let's call it user\demo)
I copied jaliss-securesocial-7ec359c\module-code\app\securesocial to user\demo\demo\app\securesocial
(I suspect I should also merge the public folder over, but it is not part of the readme, and I suspect it has no bearing on my issue)

I start the application, all is well
I browse to localhost:9000

I get

type mismatch; found : Iterable[securesocial.core.IdentityProvider] required: java.lang.Iterable[securesocial.core.IdentityProvider] Error occurred in an application involving default arguments.

In user\demo\app\securesocial\controllers\LoginPage.scala at line 57.

    def login = Action { implicit request =>
      Ok(securesocial.views.html.login(ProviderRegistry.all().values, securesocial.core.providers.UsernamePasswordProvider.loginForm))
    }

I'm not extremely familiar with scala, but it seems to me that scala objects are being passed where java objects are expected.

How to customize?

Hi,

The module is so useful. But I'm wondering what's the best way to do customization?

The current module is very difficult to integrate with the specific application logic, authentication, as well as customized views.

Are we supposed to modify the source code directly if we want to integrate the module? Or is there a plan to provide a more general API for easier customization?

Best,

Guan

Deadbolt integration breaks when using deadbolt.restrict tag

This is related to issue #23.

If I attempt to use the deadbolt.restrict tag on a template where the user is not logged in, then I get an exception because SecureSocial attempts to redirect to the login page after the template has already sent content. I'm trying to use these tags on a page that has different content/buttons if the user is logged in or not. This happens because the DeadboltHelper.beforeRoleCheck calls checkAccess, which does the redirect when the user is not logged in.

This may be as designed. However, I don't think it's a good idea to have template tags potentially call a redirect. I think the deadbolt integration needs to be cleaned up a bit if possible. I think this can work better if the changes suggested in issue #23 are fixed.

I can avoid this issue by using deadbolt.roleHolderPresent around the deadbolt.restrict tag for now.

Enforce HTTPS

Hi,

is there any possibility to enforce HTTPS protocol for the controllers SecureSocial and UsernamePasswordController? I think this would be quite useful, as sending login data over plain HTTP is potentially dangerous. The only solution I came up with so far, is to wrap/proxy those controllers by a new Controller which then has a @Before interceptor that checks and redirects to HTTPS when necessary ... but this is not really clean, of course.

Note: I really do want to handle that internally in my application, and not by letting a front webserver / reverse proxy do that, as this would force me to duplicate some of my routes information into that component.

Thanks,
Jan.

I can't get one provider to work locally

Tried, Linkedin, Twitter, Google, GB and yahoo

updated the consumer keys and secret along with the return URL.

It just doesn't work locally.

Also, please open the GitHub wiki - we need everybody to contribute to the documentation

Facebook login problems with securesocial

I'm using "testapp", the application included in the samples-and-tests folder of the securesocial module. I add the following configuration in the application.conf file:

Facebook

securesocial.facebook.authorizationURL=https://graph.facebook.com/oauth/authorize
securesocial.facebook.accessTokenURL=https://graph.facebook.com/oauth/access_token
securesocial.facebook.clientid=my_client_id application
securesocial.facebook.secret=my_client_secret
securesocial.facebook.scope=my_email

My facebook application is set with this property:
App Domain: herokuapp.com/
Redirect site url: http://stark-waterfall-4890.herokuapp.com/

When I try to log in with Facebook the result is: "There was an error while trying to log you in. Please try again.". With myopenid the login works properly. My application is currently uploaded to the Heroku repository and you can test it here: http://stark-waterfall-4890.herokuapp.com/.

The heroku-logs shows the following information:
....
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,609 INFO ~ Registered Identity Provider: twitter
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,609 INFO ~ Registered Identity Provider: facebook
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,609 INFO ~ Registered Identity Provider: google
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,610 INFO ~ Registered Identity Provider: yahoo
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,610 INFO ~ Registered Identity Provider: foursquare
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,613 INFO ~ Registered Identity Provider: linkedin
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,613 INFO ~ Registered Identity Provider: wordpress
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,613 INFO ~ Registered Identity Provider: myopenid
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,613 INFO ~ Registered Identity Provider: userpass
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,614 INFO ~ Application 'testapp' is now started !
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,702 INFO ~ Listening for HTTP on port 54375 ...
2012-02-14T16:53:17+00:00 app[web.1]: 16:53:17,613 INFO ~ Using default user service
2012-02-14T16:53:32+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:53:32+00:00 app[web.1]: 16:53:32,069 ERROR ~ Error authenticating user
2012-02-14T16:53:32+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:53:35+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:53:35+00:00 app[web.1]: 16:53:35,424 ERROR ~ Error authenticating user
2012-02-14T16:53:35+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:54:24+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=35ms status=302 bytes=0
2012-02-14T16:54:24+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/login dyno=web.1 queue=0 wait=0ms service=31ms status=200 bytes=5330
2012-02-14T16:54:25+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/javascripts/jquery-1.5.2.min.js dyno=web.1 queue=0 wait=0ms service=21ms status=200 bytes=85925
2012-02-14T16:54:25+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/stylesheets/bootstrap-1.3.0/bootstrap.min.css dyno=web.1 queue=0 wait=0ms service=72ms status=200 bytes=45361
2012-02-14T16:54:25+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/twitter.png dyno=web.1 queue=0 wait=0ms service=16ms status=200 bytes=946
2012-02-14T16:54:25+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/facebook.png dyno=web.1 queue=0 wait=0ms service=44ms status=200 bytes=939
2012-02-14T16:54:25+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/google.png dyno=web.1 queue=0 wait=0ms service=47ms status=200 bytes=1474
2012-02-14T16:54:26+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/yahoo.png dyno=web.1 queue=0 wait=0ms service=20ms status=200 bytes=1390
2012-02-14T16:54:26+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/foursquare.png dyno=web.1 queue=0 wait=0ms service=4ms status=200 bytes=2001
2012-02-14T16:54:26+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/linkedin.png dyno=web.1 queue=0 wait=0ms service=5ms status=200 bytes=1020
2012-02-14T16:54:26+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/wordpress.png dyno=web.1 queue=0 wait=0ms service=18ms status=200 bytes=1757
2012-02-14T16:54:26+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/public/images/providers/myopenid.png dyno=web.1 queue=0 wait=0ms service=18ms status=200 bytes=4117
2012-02-14T16:54:28+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/favicon.ico dyno=web.1 queue=0 wait=0ms service=10ms status=404 bytes=313
2012-02-14T16:54:31+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/facebook dyno=web.1 queue=0 wait=0ms service=4ms status=302 bytes=0
2012-02-14T16:54:32+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:54:32+00:00 app[web.1]: 16:54:32,656 ERROR ~ Error authenticating user
2012-02-14T16:54:32+00:00 app[web.1]: securesocial.provider.AuthenticationException
2012-02-14T16:54:32+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/facebook dyno=web.1 queue=0 wait=0ms service=7ms status=302 bytes=0
2012-02-14T16:54:32+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/login dyno=web.1 queue=0 wait=0ms service=21ms status=200 bytes=5526
2012-02-14T16:54:33+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/favicon.ico dyno=web.1 queue=0 wait=0ms service=6ms status=404 bytes=313
2012-02-14T16:55:14+00:00 app[web.1]: 16:55:14,268 INFO ~ Number of application's worked threads is 8
2012-02-14T16:55:14+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/ dyno=web.1 queue=0 wait=0ms service=437ms status=302 bytes=0
2012-02-14T16:55:24+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/myopenid dyno=web.1 queue=0 wait=0ms service=144ms status=302 bytes=0
2012-02-14T16:55:24+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=55ms status=200 bytes=1347
2012-02-14T16:55:24+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/favicon.ico dyno=web.1 queue=0 wait=0ms service=6ms status=404 bytes=313
2012-02-14T16:55:27+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/logout dyno=web.1 queue=0 wait=0ms service=7ms status=302 bytes=0
2012-02-14T16:55:27+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/login dyno=web.1 queue=0 wait=0ms service=16ms status=200 bytes=5330
2012-02-14T16:55:27+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/favicon.ico dyno=web.1 queue=0 wait=0ms service=7ms status=404 bytes=313
2012-02-14T16:55:32+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/ dyno=web.1 queue=0 wait=0ms service=70ms status=302 bytes=0
2012-02-14T16:55:35+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/auth/myopenid dyno=web.1 queue=0 wait=0ms service=646ms status=302 bytes=0
2012-02-14T16:55:35+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/ dyno=web.1 queue=0 wait=0ms service=10ms status=200 bytes=1347
2012-02-14T16:55:35+00:00 heroku[router]: GET stark-waterfall-4890.herokuapp.com/favicon.ico dyno=web.1 queue=0 wait=0ms service=9ms status=404 bytes=313
...

Can anyone help me?
Thanks in advance!

Custom views in securesocial for Play 2.0

Currently there is no way to provide own custom HTML templates (e.g. all the views)?

It is not a good idea to change the out-of-the-box templates.

Subclassing securesocial.controllers.LoginPage and securesocial.controllers.Registration would be a possibility - or providing hooks which allows the respective views used to be defined.

LinkedIn Provider does not support scope attribute

Hi,

I tried using the scope attribute with the LinkedIn provider but it appears that it is not supported.

As a workaround, I have manually added "?scope=" to the end of the requestTokenUrl, which seems to have worked but now I have an issue with logging out using LinkedIn JavaScript API, e.g.

IN.User.logout(function() {
  window.location = "/logout";
});

Somehow it's related to me manually adding the scope attribute to the requestTokenUrl. If I remove it then the logout works fine. Not sure if it's the LinkedIn API or SecureSocial that's the issue.
