Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Sep 12 2021 11:51
    akkie closed #493
  • Sep 12 2021 11:51
    akkie closed #545
  • Sep 12 2021 11:51
    akkie closed #551
  • Sep 12 2021 11:46

    akkie on master

    Update README.md (compare)

  • Sep 12 2021 11:46

    akkie on master

    Update README.md (compare)

  • Jun 22 2020 01:20
    asazernik commented #579
  • Jun 22 2020 01:07
    asazernik edited #579
  • Jun 22 2020 01:01
    asazernik opened #579
  • May 04 2020 11:09

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:58

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:56

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:45

    akkie on master

    Fixed Auth0ProfileParser to get… (compare)

  • May 04 2020 10:45
    akkie closed #578
  • May 04 2020 10:44
    akkie commented #578
  • May 03 2020 03:23
    coveralls commented #578
  • May 03 2020 03:02
    ymotchi opened #578
  • Feb 27 2020 17:45
    rorygraves commented #569
  • Feb 27 2020 16:39

    akkie on gh-pages

    updated site (compare)

  • Feb 27 2020 16:33

    akkie on gh-pages

    updated site (compare)

  • Feb 27 2020 16:30
    akkie closed #569
MarcoH
@mheuer
Thanks for the feedback, @akkie, had a quick look at the auth flows and it seems we may not need the extra call to get the basic user profile info out of the id token itself after verifying it. Before I get started, do you have a rough timeframe when there might be the next release? I am sure that there are others that use Google+ auth today in a production setting that will benefit this API update.
Christian Kaps
@akkie
Is the new Google API based on OpenID Connect? I don't have a time frame. It's done when it's done. Sorry.
MarcoH
@mheuer
Okis, not too much pressure from my side. Just wanted to get a feel for a rough time frame. I don’t know yet about the specific flows, I will delve into this after Xmas and revert back. Merry Xmas or Happy Holidays!
Nick Fellows
@halfhp

I am sure that there are others that use Google+ auth today in a production setting that will benefit this API update.

@mheuer FWIW The company I work for will definitely be interested in using this. We're in the process of migrating away from Parse, which currently handles auth, with the intention of leveraging Silhouette there instead.

Christian Kaps
@akkie
Thanks, Merry Xmas too
MarcoH
@mheuer
Quick update, I had a look at the upcoming changes, and the actual auth flows do not change (phew), only the API we use to get the user profiles. I did a write-up and will start on this. Ticket to track the work is here: mohiva/play-silhouette#548 . PR should be ready in a couple of days.
MarcoH
@mheuer
Please review and any feedback or comments are most welcome.
Christian Kaps
@akkie
I'm a few days away from home. I'll look into it when I'm back.
MarcoH
@mheuer
Sure thing. Enjoy your time off!
Rory Graves
@rorygraves
Hi all, does anybody have an example of using a UserAwareAction with a file upload in a form submission - I'm trying to allow a user to submit a form with an image in it. effectively I want to do this silhouette.UserAwareAction.async(parse.multipartFormData) but the types and I'm not sure how to square the circle.
Rory Graves
@rorygraves
To answer my own question - the key is to ensure that the form is submitted as multipart/form-data and then the default body parse recognises it and allows you access to the data.
MarcoH
@mheuer
@rorygraves I was about to post you what I did to handle PDF and image uploads. But looks like you already have a solution. One note though, depending on the uploaded file size you may need to adjust the buffer of the parser. It is in our application.conf play.http.parser.maxMemoryBuffer = 512k for example.
Rory Graves
@rorygraves
Thanks @mheuer - That was probably my next question ;)
MarcoH
@mheuer
yvw!
threeel
@threeel
Hello everybody. Can silhouette be used in a multi-tenant single database ? Any comment would be appreciated
MarcoH
@mheuer
It depends to what degree you require data isolation for each tenant. Silhouette ootb stores all the user records, credentials (password and oauth tokens, etc) in multiple tables of one database. But it’s hard to be more specific without more details on what you are trying to achieve.
Naftoli Gugenheim
@nafg
@threeel I am
whiteTiger
@eliasapascaritei
Hi! I've switched from mohiva 5.0.0 to 5.0.7, and I get an error [Silhouette][jwt-authenticator] Could not init authenticator: JWTAuthenticator(...) . What am I missing??
did anyone encountered that?
Christian Kaps
@akkie
sidthesloth
@sidthesloth

Hi Also switched from mohiva 5.0.0 - 5.0.7 and play 2.7 then I get the following exception

play.api.UnexpectedException: Unexpected exception[AbstractMethodError: Method com/mohiva/play/silhouette/api/actions/DefaultSecuredErrorHandler.play$api$mvc$Results$_setter_$PreconditionRequired_$eq(Lplay/api/mvc/Results$Status;)V is abstract]
    at play.core.server.DevServerStart$$anon$1.reload(DevServerStart.scala:200)
    at play.core.server.DevServerStart$$anon$1.get(DevServerStart.scala:127)
    at play.core.server.ssl.ServerSSLEngine$.createSSLEngineProvider(ServerSSLEngine.scala:30)
    at play.core.server.AkkaHttpServer$$anon$2$$anon$3.sslEngineProvider$lzycompute(AkkaHttpServer.scala:469)
    at play.core.server.AkkaHttpServer$$anon$2$$anon$3.sslEngineProvider(AkkaHttpServer.scala:469)
    at play.core.server.AkkaHttpServer$$anon$2$$anon$3.engineCreateSSLEngine(AkkaHttpServer.scala:470)
    at javax.net.ssl.SSLContext.createSSLEngine(SSLContext.java:329)
    at akka.stream.scaladsl.TLS$.$anonfun$apply$2(TLS.scala:88)
    at akka.stream.impl.io.TLSActor.liftedTree1$1(TLSActor.scala:157)
    at akka.stream.impl.io.TLSActor.<init>(TLSActor.scala:157)
Caused by: java.lang.AbstractMethodError: Method com/mohiva/play/silhouette/api/actions/DefaultSecuredErrorHandler.play$api$mvc$Results$_setter_$PreconditionRequired_$eq(Lplay/api/mvc/Results$Status;)V is abstract
    at com.mohiva.play.silhouette.api.actions.DefaultSecuredErrorHandler.play$api$mvc$Results$_setter_$PreconditionRequired_$eq(SecuredAction.scala)
    at play.api.mvc.Results.$init$(Results.scala:669)
    at com.mohiva.play.silhouette.api.actions.DefaultSecuredErrorHandler.<init>(SecuredAction.scala:299)
    at GatewayChamberLoader$$anon$1.securedErrorHandler$lzycompute(GatewayChamberLoader.scala:144)
    at GatewayChamberLoader$$anon$1.securedErrorHandler(GatewayChamberLoader.scala:144)
    at GatewayChamberLoader$$anon$1.securedRequestHandler$lzycompute(GatewayChamberLoader.scala:147)
    at GatewayChamberLoader$$anon$1.securedRequestHandler(GatewayChamberLoader.scala:147)
    at GatewayChamberLoader$$anon$1.securedAction$lzycompute(GatewayChamberLoader.scala:151)
    at GatewayChamberLoader$$anon$1.securedAction(GatewayChamberLoader.scala:151)
    at GatewayChamberLoader$$anon$1.silhouetteDefaultEnv$lzycompute(GatewayChamberLoader.scala:169)

Any help would be appreciated

Christian Kaps
@akkie
Version 5 istn't compatible with Play 2.7. Please see mohiva/play-silhouette#553 and mohiva/play-silhouette#551
If you have an idea why the build for mohiva/play-silhouette#553 failed, then any help is appreciated
sidthesloth
@sidthesloth
Great @akkie thanks
Rup Shri
@irhspur
Hi. Could someone provide me some tips on using Silhouette with REST API for social login with ReactJS?
Any help would be appreciated
Naftoli Gugenheim
@nafg
Can you ask a more concrete question?
Albaro Pereyra
@AlbaroPereyra
He is probably looking for a play with silhouette implementing Oauth with ReactJS example. Where does Rest fit in? maybe a separate example of Rest being accessed with a ReactJS example?
Rup Shri
@irhspur
Yes. Particularly any example of Silhouette in conjunction with client side authentication frameworks.
Christian Kaps
@akkie
@irhspur This example uses an old version of Silhouette and it's based on Angular. But the concepts are still the same
Christian Kaps
@akkie
A relative actual Silhouette/React app without social login can be found here: https://github.com/setusoft/silhouette-play-react-seed
Rup Shri
@irhspur
Great @akkie thanks
Raghu
@RaghuTw1_twitter
Is there a good way to decode the state when the user denies access? I have a lot of useful information in the state that I need access to. Currently, I get an exception and it doesn’t seem to have the state information in there. I can see that the request sent back from the OAuth provider has the state variable.
It would’ve been really nice if the state extraction was separate from the handling of the received code or status. Looking thru the code, looks like it’s a protected resource.
Naftoli Gugenheim
@nafg
Can you give some more context?
Raghu
@RaghuTw1_twitter
When a user authenticates with an OAuth provider and decides in the flow to decline, the provider will call me with access denied. This shows up as AccessDenied exception. I need to get at the state so I can figure out a decent way of handling the error - like redirecting someplace.
Taylor Robison
@trobison
Hey there @akkie Big thanks for making Silhouette available to the world! I'm working on a project and one of the things I can't figure out is whether I can use the auth data obtained by silhouette to call Google APIs after the user has logged into google using Silhouette. I can't seem to find a way to do that but it seems like a common case. Am I looking in the wrong place? As an example, if one wanted to fetch detailed information about the logged in user one might use something similar to this: https://developers.google.com/admin-sdk/directory/v1/quickstart/java But that would trigger another auth flow, which seems silly.
Giovanni Azua
@bravegag
Hi everyone, I'm looking at moving to Silhouette from PA. I have over time built a seed for apps but since PA is Java native and I need Scala then the result is a bit hacky (e.g. creating JavaContext for Scala). Anyway, what's the closest (and latest Play 2.7) Silhouette seed to what I have https://github.com/bravegag/play-authenticate-usage-scala including: username/password authentication with email integration, social authentication, Slick backend and DAO with Postgres DB, Google recaptcha TOTP, Remember Me using cookies or otherwise. TIA!
Christian Kaps
@akkie
The latest official Silhouette seed currently uses Silhouette 6.0.0 Snapshot which is basically the same as 6.0.0-RC1. Version 6 is based an Play 2.7. The features for this seed are documented in the readme. TOTP isn't currently not supported by Silhouette.
Giovanni Azua
@bravegag
@akkie Hi! thanks for letting me know!
How do you implement sudo Actions in Silhouette? by sudo I mean when we need to re-auth the user because of trying to access sensitive information such as billing or security settings. Sudo activates when the user logged in using a cookie and then attempts to access (view or edit) sensitive information.
Christian Kaps
@akkie
@bravegag I'll post the link to the forum post, so that others can follow the discussion. http://discourse.silhouette.rocks/t/how-do-you-solve-in-silouette-the-sudo-actions-use-case/340/4
mcallisto
@mcallisto
Hi, anyone knows if play-silhouette-persistence-reactivemongo latest release 5.0.6 is compatible with play-silhouette latest 6.0.x?
mcallisto
@mcallisto
I would say no, the former is based on Play 2.6, while the latter on 2.7
Christian Kaps
@akkie
@mcallisto Yes they are not compatible at the moment. A PR is welcome
Saskia Gennrich
@pektinasen
Hello everyone. Is it possible to have different custom error handlers per Environment?
Albaro Pereyra
@AlbaroPereyra
Yes!
Saskia Gennrich
@pektinasen
Sorry, I wasn't clear. I meant the com.mohiva.play.silhouette.api.actions.SecuredErrorHandler
I can overwrite the defaultSecuredErrorHandler in every Action, but I was wondering if there was another way
Christian Kaps
@akkie
@pektinasen The silhouette stack can be bound per environment and so the global error handler can also be bound per environment. https://github.com/mohiva/play-silhouette/blob/master/silhouette/app/com/mohiva/play/silhouette/api/Silhouette.scala#L30