Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
  • Feb 27 17:45
    rorygraves commented #569
  • Feb 27 16:39

    akkie on gh-pages

    updated site (compare)

  • Feb 27 16:33

    akkie on gh-pages

    updated site (compare)

  • Feb 27 16:30
    akkie closed #569
  • Feb 27 16:30
    akkie commented #569
  • Feb 27 16:28

    akkie on 7.0.0

    (compare)

  • Feb 27 16:25

    akkie on master

    Release version 7.0.0 (compare)

  • Feb 10 19:05
    akkie commented #569
  • Feb 10 19:04

    akkie on 7.0.0-RC1

    (compare)

  • Feb 10 19:04

    akkie on 7.0.0-RC1

    (compare)

  • Feb 10 19:01

    akkie on 7.0.0-RC1

    Release version 7.0.0-RC1 (compare)

  • Feb 10 18:53

    akkie on gh-pages

    updated site (compare)

  • Feb 10 18:51

    akkie on gh-pages

    updated site (compare)

  • Feb 10 18:47

    akkie on gh-pages

    updated site (compare)

  • Feb 10 18:38

    akkie on master

    Release version 7.0.0-RC1 (#577) (compare)

  • Feb 10 18:38
    akkie closed #577
  • Feb 10 16:57
    coveralls commented #577
  • Feb 10 16:57
    coveralls commented #577
  • Feb 10 16:46
    akkie opened #577
  • Feb 10 10:02

    akkie on gh-pages

    updated site (compare)

nafg
@nafg
@akkie are you around now?
nafg
@nafg
@akkie are you around?
Christian Kaps
@akkie
@nafg I'm here
nafg
@nafg
@akkie have you considered setting up Scala Steward?
Christian Kaps
@akkie
@nafg Yes, sure. But the main focus for me was getting the framework agnostic version of Silhouette to an end.
Aidar
@SunPj
@neimspace11 I have done Silhouette social authentication integration. https://github.com/SunPj/silhouette-vuejs-app
Although authentication via OAuth1/2 leads to new user to be created. I will work on merging users functionality so it won't be allowed to signUp via social if there is existing user with eq email. I will add buttons to link social accounts to user profile, instead
neimspace11
@neimspace11
@SunPj Thanks a lot!
Tudor Anastasiu
@skypper
Hi, I would like to create and ActionFilter that takes SecuredRequest as input and filters based on requrest.identity. However there is a compiler error because ActionRefiner takes requests that depend on a single type parameter, the body, whereas SecuredRequest depends on 2 type parameters (the env and body). Any advice?
case class SecuredRequest[E <: Env, B]
trait ActionFilter[R[_]]
Aidar
@SunPj
@neimspace11 Hi. I have added Recaptcha support. Just if you are interested.
neimspace11
@neimspace11
@SunPj These are great news! Keep up the good work!
phamtrinli
@phamtrinli
Hi, is there an example how to use different environments? I want to achieve something like authentication via CAS backed by CookieAuthenticator as well as authentication via Basic Auth backed by dummy authenticator. How do I integrate 2 different environments in the controller?
Christian Kaps
@akkie
@phamtrinli Currently it's not possible to use two different environments in a single controller. This will change in a future version of Silhouette
phamtrinli
@phamtrinli
@akkie Thanks for the reply. That change will be helpful for us. Other than that, thanks for the library :)
reza
@RezaBidar
Hi
Can I use a proxy for google authentication?
Christian Kaps
@akkie
@RezaBidar what do you exactly mean?
neimspace11
@neimspace11
@SunPj Regarding Recaptcha support - I assume you are using reCAPTCHA v2 and server-side keys for RECAPTCHA_SECRETKEY env variables on Heroku, right ?
I am somehow struggling to get it running on Heroku platform. When opening Sign Up page, I am getting loading indicator and it stuck. No errors in browser console or in heroku logs. Only through Vue devtools can see that Captcha component has recaptchaSitekey:undefined
Maybe you have encountered something similar ?
P.S. herokuapp.com was added to allowed domains in reCaptcha admin console
jondlew
@jondlew
Trying to implement JWT -- I'm generating the token fine, but getting this error on subsequent requests:
Caused by: java.text.ParseException: Invalid serialized unsecured/JWS/JWE object: Missing part delimiters
at com.nimbusds.jose.JOSEObject.split(JOSEObject.java:222)
at com.nimbusds.jose.JWSObject.parse(JWSObject.java:414)
at com.mohiva.play.silhouette.impl.authenticators.JWTAuthenticator$.$anonfun$unserialize$1(JWTAuthenticator.scala:133)
Christian Kaps
@akkie
@jondlew was the token generated by Silhouette?
jondlew
@jondlew
My mistake was in authenticatorService.embed -- in the Result I was using my own json object with just the authenticator.id instead of "Token(token = token, expiresOn = authenticator.expirationDateTime))". I assume that was the problem as once I used the Token class everything worked fine.
Aidar
@SunPj
@neimspace11 Sorry for delay I didn't receive any notification about your message. Did you manage to solve this? Let me know if I can help you
@neimspace11 I have added Password brute force protection (Default is 5 tries per 30 minutes, but can be configured) feature, so you can try it if you are interested https://github.com/SunPj/silhouette-vuejs-app
@akkie I suggested about 4 edits during last two months. Just wonder whether you don't have time to review them or is there any other reasons. Thanks
Aidar
@SunPj
@neimspace11 I have pushed some recaptcha related info. Please check out readme file in git repo https://github.com/SunPj/silhouette-vuejs-app
Christian Kaps
@akkie
@SunPj have not got a notification about that. Will look at it later
Andy Collins
@andersin_cs_twitter
Can anyone shoot me some help on how to get started with this? Along with importing what LibraryDependencies into my Build.sbt
Christian Kaps
@akkie
@andersin_cs_twitter A good starting point is the official seed template: https://github.com/mohiva/play-silhouette-seed
Søren Valentin Silkjær
@SoerenSilkjaer
Hi. Does play-silhouette have a built in mechanism for refreshing tokens when using OAuth2 or OIDC?
Christian Kaps
@akkie
Currently this functionality is one implemented into the framework agnostic version of silhouette. Maybe you can backport it
gobandoGH
@gobandoGH
Hi All,
I am implementing a JWT authenticator in Silhouette 6.1 and having this error: “[Silhouette][jwt-authenticator] Could not init authenticator: JWTAuthenticator”
I have also learned that is error was fixed by updating JWT dependencies in Silhouette 5.0.3.
What this issue might be ?, and how to solve it ?
Appreciate your help
Christian Kaps
@akkie
There must be a more detailed error. Have you enabled debug logging?
gobandoGH
@gobandoGH
@akkie, this is the sequence of the error in the console log:
play.api.http.HttpErrorHandlerExceptions$$anon$1: Execution exception[[AuthenticatorInitializationException: [Silhouette][jwt-authenticator] Could not init authenticator: JWTAuthenticator
….Caused by: com.mohiva.play.silhouette.api.exceptions.AuthenticatorInitializationException: [Silhouette][jwt-authenticator] Could not init authenticator: JWTAuthenticator
….Caused by: com.atlassian.jwt.exception.JwtMalformedSharedSecretException: Failed to create MAC signer with the provided secret key
….Caused by: com.nimbusds.jose.KeyLengthException: The secret length must be at least 256 bits
Thank you
Christian Kaps
@akkie
So the issue is fixed?
gobandoGH
@gobandoGH
No it's not. I'm still working on it. I'll keep you posted
Thank you
gobandoGH
@gobandoGH
@akkie, What provisions should I take from a CSRF play´s perspective for a JWT authenticator to work ?
My app is based on the play-silhouette-seed adding new controllers to the CookieAuthenticator end-points.
Christian Kaps
@akkie
The exception contains the error message: The secret length must be at least 256 bits
This means that the shared secret you have configured for the JWT authenticator should be at least 256 bits long
Christian Kaps
@akkie
So if you use only ASCII characters, your shared secret should be at least 32 chars long
gobandoGH
@gobandoGH
That was. Working now. Thank you @akkie
Tudor Anastasiu
@skypper
Hey, could somebody please clarify to me how social login actually works in Silhouette. As far as I know, it uses the OAuth protocol (or OpenID) to grab the social information such as first name and last name, email, avatar url etc and then create an account in your database. How does it handle the authInfo though? Is it still based on access tokens?
Can it be adapted to work for mobile?
Thanks in advance!
ferrlin
@ferrlin
hey guys, im bumping version for project to use v6.1.0. Though, i can't seem to find artifacts for play-silhouette-persistence-reactivemongo" % "6.0.0".
Tudor Anastasiu
@skypper
Alright, seems that my previous questions didn't get an answer, so I'll ask in a different way. Is there a way to authenticate with a social provider in Silhouette given that I already have an access token?
Meaning that I did the authentication on mobile already and would like to authenticate with the server as well.
Christian Kaps
@akkie
@skypper Silhouette supports the authorization code grant. This means that it uses the client id and client secret to get an authorization code and then exchanging it for an access token. Silhouette uses the concept of an authenticator that will be passed to the client, after a successful authentication with a provider (social password, ...). On subsequent requests, the client passes this authenticator back to Silhouette to authenticate against a special resource endpoint on the server side. This authenticator can be a JWT, but it can currently only handle JWTs that are created and signed by Silhouette itself, because the internal structure of the JWT is the serialized form of the authenticator. It may be possible to create your own authenticator implementation, which can handle an access token and create an authenticator for it.