From: Kai Moritz Date: Fri, 22 Jan 2016 10:08:05 +0000 (+0100) Subject: Authentication through the canvas-attribute signed_request X-Git-Tag: part-06 X-Git-Url: http://juplo.de/gitweb/?a=commitdiff_plain;h=2050f0ba66eda0003559b4f4b13aabf31ade350e;p=examples%2Ffacebook-app Authentication through the canvas-attribute signed_request --- diff --git a/keystore b/keystore new file mode 100644 index 0000000..75b82ef Binary files /dev/null and b/keystore differ diff --git a/pom.xml b/pom.xml index c025b24..73ce372 100644 --- a/pom.xml +++ b/pom.xml @@ -28,6 +28,7 @@ NOT_SET NOT_SET + NOT_SET @@ -43,6 +44,15 @@ org.slf4j slf4j-api + + org.springframework.social + spring-social-facebook-web + + + org.springframework.security + spring-security-crypto + runtime + diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java index ff69151..fc136ad 100644 --- a/src/main/java/de/juplo/yourshouter/SocialConfig.java +++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java @@ -21,6 +21,7 @@ import org.springframework.social.connect.web.ProviderSignInController; import org.springframework.social.connect.web.SignInAdapter; import org.springframework.social.facebook.api.Facebook; import org.springframework.social.facebook.connect.FacebookConnectionFactory; +import org.springframework.social.facebook.web.CanvasSignInController; /** @@ -141,6 +142,33 @@ public class SocialConfig extends SocialConfigurerAdapter return controller; } + /** + * Configure the {@link CanvasSignInController} to enable sign-in through + * the signed_request, that Facebook sends to the canvas-page. + * + * @param factoryLocator The {@link ConnectionFactoryLocator} will be injected by Spring. + * @param repository The {@link UserConnectionRepository} will be injected by Spring. + * @param env The {@link Environment}, to read additional parameters from. + * @return The configured {@link CanvasSignInController} + */ + @Bean + public CanvasSignInController canvasSignInController( + ConnectionFactoryLocator factoryLocator, + UsersConnectionRepository repository, + Environment env + ) + { + return + new CanvasSignInController( + factoryLocator, + repository, + new UserCookieSignInAdapter(), + env.getProperty("facebook.app.id"), + env.getProperty("facebook.app.secret"), + env.getProperty("facebook.app.canvas") + ); + } + /** * Configure a scoped bean named facebook, that enables * access to the Graph-API in the name of the current user. diff --git a/src/main/java/de/juplo/yourshouter/UserCookieInterceptor.java b/src/main/java/de/juplo/yourshouter/UserCookieInterceptor.java index c72ef41..1b00e09 100644 --- a/src/main/java/de/juplo/yourshouter/UserCookieInterceptor.java +++ b/src/main/java/de/juplo/yourshouter/UserCookieInterceptor.java @@ -3,6 +3,7 @@ package de.juplo.yourshouter; import java.io.IOException; import java.util.Collections; +import java.util.regex.Pattern; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import org.slf4j.Logger; @@ -21,6 +22,7 @@ public final class UserCookieInterceptor extends HandlerInterceptorAdapter { private final static Logger LOG = LoggerFactory.getLogger(UserCookieInterceptor.class); + private final static Pattern PATTERN = Pattern.compile("^/signin|canvas"); private final UsersConnectionRepository repository; @@ -66,7 +68,7 @@ public final class UserCookieInterceptor extends HandlerInterceptorAdapter throws IOException { - if (request.getServletPath().startsWith("/signin")) + if (PATTERN.matcher(request.getServletPath()).find()) return true; String user = UserCookieGenerator.INSTANCE.readCookieValue(request); diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 21463c2..46ade25 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -1,5 +1,10 @@ facebook.app.id=@facebook.app.id@ facebook.app.secret=@facebook.app.secret@ +facebook.app.canvas=@facebook.app.canvas@ + +server.port: 8443 +server.ssl.key-store: keystore +server.ssl.key-store-password: secret spring.thymeleaf.prefix=/thymeleaf/ spring.thymeleaf.cache=false