Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Jun 22 2020 01:20
    asazernik commented #579
  • Jun 22 2020 01:07
    asazernik edited #579
  • Jun 22 2020 01:01
    asazernik opened #579
  • May 04 2020 11:09

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:58

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:56

    akkie on gh-pages

    updated site (compare)

  • May 04 2020 10:45

    akkie on master

    Fixed Auth0ProfileParser to get… (compare)

  • May 04 2020 10:45
    akkie closed #578
  • May 04 2020 10:44
    akkie commented #578
  • May 03 2020 03:23
    coveralls commented #578
  • May 03 2020 03:02
    ymotchi opened #578
  • Feb 27 2020 17:45
    rorygraves commented #569
  • Feb 27 2020 16:39

    akkie on gh-pages

    updated site (compare)

  • Feb 27 2020 16:33

    akkie on gh-pages

    updated site (compare)

  • Feb 27 2020 16:30
    akkie closed #569
  • Feb 27 2020 16:30
    akkie commented #569
  • Feb 27 2020 16:28

    akkie on 7.0.0

    (compare)

  • Feb 27 2020 16:25

    akkie on master

    Release version 7.0.0 (compare)

  • Feb 10 2020 19:05
    akkie commented #569
  • Feb 10 2020 19:04

    akkie on 7.0.0-RC1

    (compare)

Giovanni Azua
@bravegag
I have done step by step two times with the Playframework & Heroku Dev guides to deploy the app and everything looks ok but still all the IOC breaks and there is no other output
Can you please send me screenshots of your Heroku settings? to bravegag@gmail.com of course concealing any private/security/confidential data
gobandoGH
@gobandoGH
@bravegag I have send you Heroku related deployment files to your email. Please let me know if further details are needed
Giovanni Azua
@bravegag
@gobandoGH I'm double checking everything .. thank you!
@akkie @gobandoGH this is the log I am getting from Heroku https://www.dropbox.com/s/34k1lp36bxjq6xi/heroku.log?dl=0
Christian Kaps
@akkie
@bravegag I think your config will not be loaded correctly. The config contains the module bindings and therefore Guice cannot load it
Have you set the PLAY_CONF_FILE var to application.prod.conf?
Giovanni Azua
@bravegag
yep
@akkie this is my ProcFile web: target/universal/stage/bin/myapp -Dhttp.port=${PORT} -Dconfig.file=${PLAY_CONF_FILE} -Dplay.evolutions.db.default.autoApply=true
and the PLAY_CONF_FILE is set to application.prod.conf as part of the conf vars settings in Heroku
Christian Kaps
@akkie
web: target/universal/stage/bin/play-silhouette-seed -Dhttp.port=${PORT} -Dconfig.resource=${PLAY_CONF_FILE}
-Dconfig.resource
not Dconfig.file
Giovanni Azua
@bravegag
Yep just caught the same :) I am running again :)
that was it :)
now I got other more reasonable errors
thank you!
Christian Kaps
@akkie
@gobandoGH Yes, this makes sense. But note, that Silhouette supports also a stateless variant of the CookieAuthenticator.
@bravegag Your'e welcome! And many thanks for your contributions :+1:
Giovanni Azua
@bravegag
@akkie Happy to help!
gobandoGH
@gobandoGH
Thank you @akkie. What would be your recommendation for a single authenticator to attend both web/mobile authentication requests looking forward to a distribute deployment scenario ?
Christian Kaps
@akkie
If distributed, then a stateless authenticator. It's not easy to say if one or multiple authenticators should be used. Based on the assumption that you use different actions for your different application types, then: If you call a REST API from a mobile application than a token based authenticator would be a good fit. For a SPA or traditional web app, the cookie authenticator is great and has more advantages as a token based authenticator
gobandoGH
@gobandoGH
Thank you @akkie !
Vinicius Miana
@ViniciusMiana
Hello, I made a small change on the LinkedInProvider, since the v1 resources are no longer available. Can I just open a PR or do you need anything else?
Vinicius Miana
@ViniciusMiana
Here is the PR: mohiva/play-silhouette#568
lasimon
@lasimon
I have an e2e test (Cypress) that runs fine with a Play app using Silhouette when it runs on my laptop but throws a "Fingerprint doesn't match authenticator" when run against the same app in production. Any ideas what to look at/try?
Christian Kaps
@akkie
The default fingerprint generator is based on browser headers and the remote address: https://github.com/mohiva/play-silhouette/blob/master/silhouette/app/com/mohiva/play/silhouette/impl/util/DefaultFingerprintGenerator.scala
From the doc: 
The same with `Accept-Encoding`. But in Chromium/Blink based browser the content of this header may
 be changed during requests. @see https://github.com/mohiva/play-silhouette/issues/277
Maybe this is the issue?
adilkurniaramdan
@adilkurniaramdan
hi I saw the documentation about this dependency:
"com.mohiva" %% "play-silhouette-persistence-reactivemongo" % "6.0.0"
but it's not found, and I checked the github of play-silhouette-persistence-reactivemongo the version 6.0.0 is not release yet ?
anyone can help me ?
Christian Kaps
@akkie
Yes, it's not released. You could create a PR for Play 2.7 to make it work
Georgios Larkou
@glarkou

Hello guys.

We are trying to decode a Play JWT token on our other app in order to allow access on some specific resources and we are using https://github.com/jpadilla/pyjwt library. We are using the following code but we get Signature verification failed. Any suggestions? 

jwt_payload = jwt.decode(token, 'changem', algorithms=['HS256'])
    print(jwt_payload)
jwt.exceptions.InvalidSignatureError: Signature verification failed
Georgios Larkou
@glarkou
We solved it. Don't worry!
Ender-Wiggin
@Ender-Wiggin
Hey guys, having trouble with the PasswordDAO migration to 6.1, could anyone help? Replied to a thread on forum: https://discourse.silhouette.rocks/t/problem-with-passwordinfodao-implmentation-in-silhouette-version-6-1/366/8
asedghi
@asedghi

Hi guys I'm having a bit of an issue any help would be appreciated. Thought I would ask before filling a bug. Im using Play 2.7.3 play-silhouette 6.1.1 Guice and JWT. Im unable to to change authenticatorIdleTimeout to implement rememberMe. This code worked on play-silhouette 5. 


case Some(user) => silhouette.env.authenticatorService.create(loginInfo).map {
            case authenticator if data.rememberMe =>
              val c = configuration.underlying
              authenticator.copy(
                expirationDateTime = clock.now + c.as[FiniteDuration]("silhouette.authenticator.rememberMe.authenticatorExpiry"),
                idleTimeout = c.getAs[FiniteDuration]("silhouette.authenticator.rememberMe.authenticatorIdleTimeout"))
            case authenticator => authenticator
          }.flatMap { authenticator =>
            silhouette.env.eventBus.publish(LoginEvent(user, request))
            silhouette.env.authenticatorService.init(authenticator).map { token =>
              Ok(Json.obj("token" -> token))
            }
          }

Am I doing something wrong?

Christian Kaps
@akkie
What exactly is the issue?
asedghi
@asedghi
So i can set authenticatorIdleTimeout in configuration at startup and it works fine. However if I set the same setting during user login it does nothing. the authenticatorIdleTimeout stays the same.
asedghi
@asedghi
I've also debug the code and can see that authenticator has the updated settings from remember me when it call authenticatorService.init(authenticator) .
asedghi
@asedghi
The issue for me is purely with JWT. Cookie auth works as expected.
Christian Kaps
@akkie
Remember me was only planned for cookies. Does it work with JWT in the previous version?
asedghi
@asedghi
its documented as "Can be used for remember me functionality" and is used in play-silhouette-angular-typescript.g8 looks like the last working version was 5.0.3. the code example above was from that code
Christian Kaps
@akkie
You say that the settings of the authenticator service has the remember me settings but that the generated token doesn't have the correct dates set? The serialize function uses the dates from the authenticator when creating the token. So if you change the dates in the authenticator, then the token should also contain these dates. Have you double checked your new updated values and the exp and iat claims in your token? Are they not the same?
asedghi
@asedghi
Christian, thank so much for taking time to help me out.
I see the code related to expirationDateTime and that works as expected. idleTimeout also makes makes it into the serialize. However, unserialize ignores authenticatorIdleTimeout and uses settings.authenticatorIdleTimeout
asedghi
@asedghi
I also see where iat and exp are set but It looks like idletimeout is entirely ignored. in the serialize method
Christian Kaps
@akkie
Yes, the idleTimeout is currently not stored in the JWT. We could introduce a new reserved claim idt and set the idle timeout during serialization. So we can extract it from the JWT during unserialization. Would you create a PR containing these changes with also some tests?
asedghi
@asedghi
Sure, should be simple enough. I'll take a stab at it over the weekend.
@ugobourdon
@ubourdon
Hi. Where can i find an example using OpenIDProvider ?
@ugobourdon
@ubourdon
Hi. When try to instanciate OpenIdProvider i have this error :
java.lang.NullPointerException: null
at com.mohiva.play.silhouette.impl.providers.SocialProvider$class.$init$(SocialProvider.scala:57)