In our current project we were asked to implement Twitter signup/login functionality using OAuth. We did some research and decided to use the OAuth plugin, and here are the steps we followed:
Step 1: Install the OAuth plugin
We opened BuildConfig.groovy and added the following dependency inside the plugins section:

```groovy
compile ":oauth:2.1.0"
```
Step 2: Sign up as a Twitter developer and create a new application
You can sign up for a Twitter developer account from this link. After a successful sign in/sign up, all you need to do is create a new application. You can create a new application from your dashboard.
- Click on “Create New Application” button
- Fill out the form
- On this page enter the Website URL. Let’s assume your website is jftblogpost.com. If you are running your Grails application on your local machine, you have to edit your hosts file and map 127.0.0.1 to your website URL using the following:

  ```
  127.0.0.1 jftblogpost.com
  ```

You can check
to find out how to modify your host file.
- So far you have mapped your website to localhost, but the callback URL in the Twitter app is still not set. If your Grails application is running on the root context, add the following as the callback URL:

  ```
  http://jftblogpost.com/oauth/twitter/callback
  ```

  But if your app is not running in the root context, you need to add the app name to the callback URL, and the value will look like this:

  ```
  http://jftblogpost.com/appname/oauth/twitter/callback
  ```

- Save these changes and now let’s get back to your Grails application
Step 3: Add config values in Config.groovy

```groovy
oauth {
    providers {
        twitter {
            api = org.scribe.builder.api.TwitterApi
            key = 'XXXXXXXXXXX' // Your Twitter app key
            secret = 'XXXXXXXXXX' // Your Twitter app secret
            callback = "http://jftblogpost.com/oauth/twitter/callback"
            successUri = "http://jftblogpost.com/oauthCallBack/twitter"
            /* The app is running in root context, that's why we are not putting any name
               after jftblogpost.com. If your application is not running on root context,
               please modify the above URLs */
        }
    }
}
grails.twitter.api.url = "https://api.twitter.com/oauth/authorize"
```
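An added example, not from the original post or the plugin's documentation: the same `oauth` block with the key and secret read from environment variables instead of being committed in Config.groovy, and both URLs built from one base so the root-context and non-root-context cases from Step 2 stay consistent. The variable names `TWITTER_APP_KEY`, `TWITTER_APP_SECRET` and `APP_BASE_URL` and the helper `requireEnv` are assumptions.

```groovy
// Config.groovy (added example; environment variable names are assumptions)

// Fail at startup if a credential is missing instead of running with a blank key.
def requireEnv = { String name ->
    String value = System.getenv(name)
    if (!value?.trim()) {
        throw new IllegalStateException("Environment variable ${name} is not set")
    }
    value.trim()
}

// Base URL, including the context path when the app is not deployed at the root,
// e.g. http://jftblogpost.com or http://jftblogpost.com/appname
String baseUrl = (System.getenv('APP_BASE_URL') ?: 'http://jftblogpost.com').replaceAll('/+$', '')

oauth {
    providers {
        twitter {
            api = org.scribe.builder.api.TwitterApi
            key = requireEnv('TWITTER_APP_KEY')
            secret = requireEnv('TWITTER_APP_SECRET')
            // Must match the callback URL registered in the Twitter app exactly
            callback = baseUrl + '/oauth/twitter/callback'
            // Handled by the application's own controller (Step 5)
            successUri = baseUrl + '/oauthCallBack/twitter'
        }
    }
}
```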
Step 4: Add a Twitter link to your sign up page
This is the easy part. You just need to add a new tag to your sign up page. It is mentioned in the official docs that you need to add the following tag in your GSP:
Sign in with twitter
Now if you try to sign up using Twitter you will be taken to Twitter, but as soon as you return to your Grails application after authentication you will get an error, because there is no handler for the Twitter response. Let’s create a controller which handles the response from Twitter.
Step 5: Add a handler for the Twitter response
You may have noticed that the Site URL we entered in the Twitter app contains oauth/twitter/callback. In simple words, we have to create a controller with name oauth and an action twitter inside the controller. You are free to modify the controller/action name as per your convenience. This is how my controller/action looks:

```groovy
package com.jftBlogPost.oauth

import grails.converters.JSON
import org.scribe.model.Token

class OauthCallBackController {

    def oauthService
    def grailsApplication
    def springSecurityService

    def twitter() {
        // Access token the OAuth plugin stored in the session after the Twitter callback
        Token tAT = (Token) session[oauthService.findSessionKeyForAccessToken('twitter')]
        if (!tAT) {
            // No token in the session: the request did not come through the Twitter flow
            response.sendError(401)
            return
        }

        def resourceURL = "https://api.twitter.com/1.1/account/settings.json"
        def twitterResource = oauthService.getTwitterResource(tAT, resourceURL)
        def twitterResponse = JSON.parse(twitterResource?.getBody())
        log.debug("twitterResponse ****************" + twitterResponse)

        String userName = twitterResponse['screen_name']
        def twitterURL = "https://api.twitter.com/1.1/users/show.json?screen_name="
        // Encode the value before placing it in the query string
        def screenNameURL = twitterURL + URLEncoder.encode(userName, 'UTF-8')
        def tResource = oauthService.getTwitterResource(tAT, screenNameURL)
        def tResponse = JSON.parse(tResource?.getBody())
        log.debug("twitterResponseDetailed****************" + tResponse)

        String twitterId = tResponse['id']
        log.debug("twitterId***************" + twitterId)

        // User is the application's own domain class; import it if it lives in another package
        User user = User.findByTwitterId(twitterId)
        if (user) {
            // If user found with this twitter id, authenticate him.
            // Log in the account that owns the twitter id, not whichever local account
            // matches the current screen name (screen names can change).
            // Assumes User has the Spring Security Core default 'username' property.
            springSecurityService.reauthenticate(user.username)
        } else {
            /* Write code to redirect user to your sign up page.
               Make sure you persist the twitter id for future use */
        }
    }
}
```
This is it. Hope it helps you in some way.
Thanks for the post on OAuth and Grails. I hadn’t heard of Scribe, looks really good. Thanks again.