Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Oct 10 13:41

    akkie on gh-pages

    updated site (compare)

  • Oct 10 06:35

    akkie on gh-pages

    updated site (compare)

  • Oct 10 06:23

    akkie on gh-pages

    updated site (compare)

  • Oct 10 06:21

    akkie on gh-pages

    updated site (compare)

  • Oct 10 06:08

    akkie on master

    Fixed Profile URL as v1 resourc… (compare)

  • Oct 10 06:08
    akkie closed #568
  • Oct 10 06:08
    akkie commented #568
  • Oct 10 02:26
    coveralls commented #568
  • Oct 10 02:26
    coveralls commented #568
  • Oct 10 02:26
    coveralls commented #568
  • Oct 10 02:26
    coveralls commented #568
  • Oct 10 02:26
    coveralls commented #568
  • Oct 10 02:12
    ViniciusMiana commented #568
  • Oct 10 02:09
    ViniciusMiana synchronize #568
  • Oct 09 13:56
    ViniciusMiana commented #568
  • Oct 09 04:51
    akkie commented #568
  • Oct 09 04:36
    ViniciusMiana opened #568
  • Sep 18 19:30
    akkie synchronize #551
  • Sep 09 15:53
    akkie commented #567
  • Sep 09 15:53

    akkie on gh-pages

    updated site (compare)

Giovanni Azua
@bravegag
How do you implement sudo Actions in Silhouette? by sudo I mean when we need to re-auth the user because of trying to access sensitive information such as billing or security settings. Sudo activates when the user logged in using a cookie and then attempts to access (view or edit) sensitive information.
Christian Kaps
@akkie
@bravegag I'll post the link to the forum post, so that others can follow the discussion. http://discourse.silhouette.rocks/t/how-do-you-solve-in-silouette-the-sudo-actions-use-case/340/4
mcallisto
@mcallisto
Hi, anyone knows if play-silhouette-persistence-reactivemongo latest release 5.0.6 is compatible with play-silhouette latest 6.0.x?
mcallisto
@mcallisto
I would say no, the former is based on Play 2.6, while the latter on 2.7
Christian Kaps
@akkie
@mcallisto Yes they are not compatible at the moment. A PR is welcome
Saskia Gennrich
@pektinasen
Hello everyone. Is it possible to have different custom error handlers per Environment?
Albaro Pereyra
@AlbaroPereyra
Yes!
Saskia Gennrich
@pektinasen
Sorry, I wasn't clear. I meant the com.mohiva.play.silhouette.api.actions.SecuredErrorHandler
I can overwrite the defaultSecuredErrorHandler in every Action, but I was wondering if there was another way
Christian Kaps
@akkie
@pektinasen The silhouette stack can be bound per environment and so the global error handler can also be bound per environment. https://github.com/mohiva/play-silhouette/blob/master/silhouette/app/com/mohiva/play/silhouette/api/Silhouette.scala#L30
Raghu
@RaghuTw1_twitter
When is 6.0.x likely to make it out into the wild?
Christian Kaps
@akkie
I'll release it tomorrow
Alex Henning Johannessen
@ahjohannessen
@akkie Play 2.7.3 supports Scala 2.13.0, any chance to bump Play and do a 2.13.0 release?
Christian Kaps
@akkie
@ahjohannessen sure, any PR is welcome
Alex Henning Johannessen
@ahjohannessen
@akkie Here you go: mohiva/play-silhouette#564
Alex Henning Johannessen
@ahjohannessen
travis is a bit flaky in that it does not always to succeed to resolve some dependencies
Alex Henning Johannessen
@ahjohannessen
@akkie Could you please reset the travis ci cache and restart the build for #564 ? As you can see here: https://travis-ci.org/mohiva/play-silhouette/builds/551340681 everything is green, but then here: https://travis-ci.org/mohiva/play-silhouette/builds/551349791 Scala 2.12.8/jdk8 has issues resolving dependencies. I think it is a result of something weird with caching.
Alex Henning Johannessen
@ahjohannessen
@akkie Got things stable wrt. CI, so no need to clear cache - Updated sbt-runner to latest sbt-extras and CI is consistently green now :)
nafg
@nafg
@ahjohannessen I just had that. Maybe travis is having some hiccups. It doesn't normally happen to me.
setrar
@setrar

https://github.com/CollegeBoreal/play-silhouette-slick-mysql.g8

I am upgrading this g8 project to Play 2.7.3 supports Scala 2.13.0 but I am having classTag issue with the new DelegableAuthInfoDAO trait

play-silhouette-slick-mysql/app/daos/password/PasswordDAO.scala:16:7: class PasswordDAO needs to be abstract. Missing implementation for:
[error]   val classTag: scala.reflect.ClassTag[com.mohiva.play.silhouette.api.util.PasswordInfo] // inherited from trait DelegableAuthInfoDAO

https://github.com/CollegeBoreal/play-silhouette-slick-mysql.g8/blob/master/src/main/g8/app/daos/password/PasswordDAO.scala#L15

setrar
@setrar

A follow up to my question, I instantiate the Password DAO using the below Injection scheme in Silhouette 5.0.3

@Singleton
class PasswordDAO @Inject()(
    protected val dbConfigProvider: DatabaseConfigProvider,
    loginDao: LoginDAO)(implicit executionContext: ExecutionContext)
    extends DelegableAuthInfoDAO[PasswordInfo]
    with PasswordDTO
    with HasDatabaseConfigProvider[JdbcProfile] {
...

The Silhouette Module Binding follows the below snippet

class SilhouetteModule extends AbstractModule with ScalaModule {

  override def configure(): Unit = {
   ...
    // @provides provideAuthInfoRepository
    bind[DelegableAuthInfoDAO[PasswordInfo]].to[PasswordDAO]
}

Unfortunately, the new DelegableAuthInfoDAO trait doesn't seem to allow the same instantiation.

val silhouetteVersion = "6.0.1"

trait DelegableAuthInfoDAO[T <: AuthInfo] extends AuthInfoDAO[T] {

  /**
   * The class tag for the type parameter.
   */
  val classTag: ClassTag[T]
}

The previous DelegableAuthInfoDAO implementation used an abstract class.

val silhouetteVersion = "5.0.3"

abstract class DelegableAuthInfoDAO[T <: AuthInfo](implicit val classTag: ClassTag[T]) extends AuthInfoDAO[T]

What would be the new way to instantiate PasswordDAO?

I looked into the Change Log and couldn't find any new explanation regarding the new trait implementation.

Let me know if the chat is not the place to talk about this item, I will move it to the forum. Thanks, and please help

Christian Kaps
@akkie
@setrar Do you get a compile error? For the new implementation you must pass an implicit class tag. The abstract class has done this implicitly. Now you must pass it explicitly
setrar
@setrar

@akkie yes, I do get a compile Error

play-silhouette-slick-mysql/app/daos/password/PasswordDAO.scala:16:7: class PasswordDAO needs to be abstract. Missing implementation for:
[error]   val classTag: scala.reflect.ClassTag[com.mohiva.play.silhouette.api.util.PasswordInfo] // inherited from trait DelegableAuthInfoDAO

I then tried to mimic InMemoryAuthInfoDAO

  override def configure(): Unit = {
       ...
      bind[DelegableAuthInfoDAO[PasswordInfo]]
            .toInstance(new PasswordDAO[PasswordInfo])
  }

But it looks like I need to use .toInstance to create a new DelegableAuthInfoDAO

That doesn't sit well with the Injected dbConfig

class PasswordDAO[T <: AuthInfo] @Inject()(
    protected val dbConfigProvider: DatabaseConfigProvider,
    loginDao: LoginDAO)(implicit val classTag: ClassTag[T])
    extends DelegableAuthInfoDAO[T]
    with PasswordDTO
    with HasDatabaseConfigProvider[JdbcProfile] {
   ...

any workaround?

Christian Kaps
@akkie
You could use a Guice provider. The official seed template does use this already for some services. With a provider you can instantiate complex classes
Christian Kaps
@akkie
Could you post the code of your Dao?
setrar
@setrar

@akkie Thanks, I will look into the Provider solution from the seed.

A DAO's snippet below but you can find the entire gitter8 template here

https://github.com/CollegeBoreal/play-silhouette-slick-mysql.g8

@Singleton
class PasswordDAO @Inject()(
    protected val dbConfigProvider: DatabaseConfigProvider,
    loginDao: LoginDAO)(implicit executionContext: ExecutionContext)
    extends DelegableAuthInfoDAO[PasswordInfo]
    with PasswordDTO
    with HasDatabaseConfigProvider[JdbcProfile] {

  import profile.api._

  val passwords = lifted.TableQuery[PasswordTable]

  def getAll: Future[Seq[Password]] = db.run(passwords.result)

  override def find(loginInfo: LoginInfo): Future[Option[PasswordInfo]] =
    db.run {
      for {
        Some(fields) <- passwords
          .filter(_.password === loginInfo.providerKey)
          .result
          .map(_.headOption)
      } yield
        Some(
          PasswordInfo(hasher = fields.hasher,
                       password = fields.secret,
                       salt = fields.salt))
    }
...

To start a new project: (using play-2.7, scala 2.13 and latest Silhouette) not working

$ sbt new CollegeBoreal/play-silhouette-slick-mysql.g8

The previous SIlhouette 5.03 version

$ sbt new CollegeBoreal/play-silhouette-slick-mysql.g8 --branch play-2.6
Christian Kaps
@akkie
And this code:
class PasswordDAO[T <: AuthInfo] @Inject() (
  protected val dbConfigProvider: DatabaseConfigProvider,
  loginDao: LoginDAO
)(
  implicit 
  val classTag: ClassTag[T],
  executionContext: ExecutionContext
) extends DelegableAuthInfoDAO[T]
    with PasswordDTO
    with HasDatabaseConfigProvider[JdbcProfile] {
Doesn't work if you use:
bind[DelegableAuthInfoDAO[PasswordInfo]].to[PasswordDAO]
?
Normally, it should
Christian Kaps
@akkie
Normally T isn't really needed here:
class PasswordDAO @Inject() (
  protected val dbConfigProvider: DatabaseConfigProvider,
  loginDao: LoginDAO
)(
  implicit 
  val classTag: ClassTag[PasswordInfo],
  executionContext: ExecutionContext
) extends DelegableAuthInfoDAO[PasswordInfo]
    with PasswordDTO
    with HasDatabaseConfigProvider[JdbcProfile] {
setrar
@setrar
@akkie the second snippet (without using the type parameter [T]) does compile but it gives an Error. The same error is thrown when using the type parameter [T].
[error] application - 

! @7cm23k6mg - Internal server error, for (GET) [/] ->

play.api.UnexpectedException: Unexpected exception[CreationException: Unable to create injector, see the following errors:

1) No implementation for scala.reflect.ClassTag<com.mohiva.play.silhouette.api.util.PasswordInfo> was bound.
  while locating scala.reflect.ClassTag<com.mohiva.play.silhouette.api.util.PasswordInfo>
    for the 3rd parameter of daos.password.PasswordDAO.<init>(PasswordDAO.scala:18)
  at modules.SilhouetteModule.configure(SilhouetteModule.scala:78) (via modules: com.google.inject.util.Modules$OverrideModule -> modules.SilhouetteModule)
Christian Kaps
@akkie
The class tag will be added by the compiler. So it seems that this isn't possible in this case due to the Guice magic. So you should use a Guice provider in this case
setrar
@setrar
@akkie great, I will. Thanks again
Shunsuke Wada
@letusfly85

Hi, now I’m implementing a play-silhouette OAuth2 and a Vue.js project.
I’m trying to redirect from the playframework project to the Vue.js project after successing authentication.

But, I cannot handle JWT of the play project on the Vue.js project.

Is there any good way to get X-Auth-Token on Vue.js project.
If I can, I want to use OAuth2 without redirect.

Christian Kaps
@akkie
@letusfly85 For me it's not really clear what you try to achieve. Could be a bit more specific?
Shunsuke Wada
@letusfly85
vue_silhouette.png

@akkie

Thank you, I want to like the above.

Christian Kaps
@akkie
@letusfly85 The second part of the OAuth2 flow, where the provider returns the access token (your JWT), is normally the only part Silhouette handles in this scenario. The first part of the OAuth2 flow is mostly handled client side in your Vue.js code. Am I right? So in this case, you start the flow from the client side. Your client redirects the user to the provider, where the authentication against the provider happens. The provider redirects the user to the Silhouette endpoint with the authorization code. Silhouette exchanges the authorization code against the access token. Now you have two possibilities. First you can initiate a Silhouette session (create an authenticator), so that the user is authenticated against your backend. In the second case, you don't need a Silhouette session bur rather the OAuth2 access token from the provider. In both cases your controller which acts as the OAuth2 endpoint in your Play app and which calls the OAuth2Provider.authenticate method, can send a redirect to your client. In this redirect you can include in both cases, the access token (your JWT) which you get as result from the authenticate method.
Altern Egro
@alternegro
Hello, is the 4.0 documentation worth reading or will it lead me down the wrong path?
Shunsuke Wada
@letusfly85
@akkie

@akkie
Thank you!

I tried the above way,
However, when the provider redirects to the silhouette endpoint,
silhouette module showed the following errors.

[/authenticate/google] ->

play.api.http.HttpErrorHandlerExceptions$$anon$1: Execution exception[[CryptoException: [Silhouette][JcaSigner] Invalid message format; Expected [VERSION]-[SIGNATURE]-[DATA]]]
Altern Egro
@alternegro
Are Silhouette versions meant to mirror the Play sub versions? ie Does Silhouette 4 > Play 2.4.x, Silhouette 6 -> Play 2.6?
nafg
@nafg
Seems like they're one off that. See https://www.silhouette.rocks/docs/releases
@alternegro
Altern Egro
@alternegro
@nafg Thanks!
Altern Egro
@alternegro
So judging from the 4.0 to 5.0 Migration guide, It looks like the changes introduced in Silhouette are really just to keep up with Play, rather than to change Silhouette itself. Does this mean that the 4.0 documentation and the Migration Guide have all the info required to get up and running, or I'm I better of working from the the seed?
Christian Kaps
@akkie
@letusfly85 Do you use the CsrfStateItemHandler? This will not work with your scenario!
@alternegro Do you migrate an existing app? If so, to which version of Play?