diff --git a/README.md b/README.md index fe82ca7..f3fc96f 100644 --- a/README.md +++ b/README.md @@ -8,11 +8,12 @@ The idea of this library originally comes from [oauth2-server](https://github.co ## Supported OAuth features -This library currently supports three grant types as follows +This library supports all grant types. - Authorization Code Grant - Resource Owner Password Credentials Grant - Client Credentials Grant +- Implicit Grant and an access token type called [Bearer](http://tools.ietf.org/html/rfc6750). @@ -24,7 +25,7 @@ If you'd like to use this with Play Framework, add "play2-oauth2-provider" to li ```scala libraryDependencies ++= Seq( - "com.nulab-inc" %% "play2-oauth2-provider" % "0.15.1" + "com.nulab-inc" %% "play2-oauth2-provider" % "0.16.0" ) ``` @@ -50,7 +51,7 @@ Add "scala-oauth2-core" instead. In this case, you need to implement your own OA ```scala libraryDependencies ++= Seq( - "com.nulab-inc" %% "scala-oauth2-core" % "0.15.1" + "com.nulab-inc" %% "scala-oauth2-core" % "0.16.0" ) ``` @@ -65,9 +66,9 @@ case class User(id: Long, name: String, hashedPassword: String) class MyDataHandler extends DataHandler[User] { - def validateClient(clientCredential: ClientCredential, grantType: String): Future[Boolean] = ??? + def validateClient(request: AuthorizationRequest): Future[Boolean] = ??? - def findUser(username: String, password: String): Future[Option[User]] = ??? + def findUser(request: AuthorizationRequest): Future[Option[User]] = ??? def createAccessToken(authInfo: AuthInfo[User]): Future[AccessToken] = ??? @@ -79,8 +80,6 @@ class MyDataHandler extends DataHandler[User] { def findAuthInfoByRefreshToken(refreshToken: String): Future[Option[AuthInfo[User]]] = ??? - def findClientUser(clientCredential: ClientCredential, scope: Option[String]): Future[Option[User]] = ??? - def deleteAuthCode(code: String): Future[Unit] = ??? def findAccessToken(token: String): Future[Option[AccessToken]] = ??? @@ -121,17 +120,48 @@ case class AuthInfo[User]( ### Work with Play Framework -You should follow three steps below to work with Play Framework. +You should follow four steps below to work with Play Framework. +* Customizing Grant Handlers * Define a controller to issue access token * Assign a route to the controller * Access to an authorized resource -First, define your own controller with mixining ```OAuth2Provider``` trait provided by this library to issue access token. +You want to use which grant types are supported or to use a customized handler for a grant type, you should override the ```handlers``` map in a customized ```TokenEndpoint``` trait. + +```scala +class MyTokenEndpoint extends TokenEndpoint { + override val handlers = Map( + OAuthGrantType.AUTHORIZATION_CODE -> new AuthorizationCode(), + OAuthGrantType.REFRESH_TOKEN -> new RefreshToken(), + OAuthGrantType.CLIENT_CREDENTIALS -> new ClientCredentials(), + OAuthGrantType.PASSWORD -> new Password(), + OAuthGrantType.IMPLICIT -> new Implicit() + ) +} +``` + +Here's an example of a customized ```TokenEndpoint``` that 1) only supports the ```password``` grant type, and 2) customizes the ```password``` grant type handler to not require client credentials: + +```scala +class MyTokenEndpoint extends TokenEndpoint { + val passwordNoCred = new Password() { + override def clientCredentialRequired = false + } + + override val handlers = Map( + OAuthGrantType.PASSWORD -> passwordNoCred + ) +} +``` + +Define your own controller with mixining ```OAuth2Provider``` trait provided by this library to issue access token with customized `TokenEndpoint`. ```scala import scalaoauth2.provider._ object OAuth2Controller extends Controller with OAuth2Provider { + override val tokenEndpoint = new MyTokenEndpoint() + def accessToken = Action.async { implicit request => issueAccessToken(new MyDataHandler()) } @@ -158,26 +188,7 @@ object MyController extends Controller with OAuth2Provider { } ``` -If you'd like to change the OAuth workflow, modify handleRequest methods of TokenEndPoint and ```ProtectedResource``` traits. - -### Customizing Grant Handlers - -If you want to change which grant types are supported or to use a customized handler for a grant type, you can -override the ```handlers``` map in a customized ```TokenEndpoint``` trait. Here's an example of a customized -```TokenEndpoint``` that 1) only supports the ```password``` grant type, and 2) customizes the ```password``` grant -type handler to not require client credentials: - -```scala -class MyTokenEndpoint extends TokenEndpoint { - val passwordNoCred = new Password() { - override def clientCredentialRequired = false - } - - override val handlers = Map( - OAuthGrantType.PASSWORD -> passwordNoCred - ) -} -``` +If you'd like to change the OAuth workflow, modify handleRequest methods of `TokenEndPoint` and `ProtectedResource` traits. ### Using Action composition @@ -216,4 +227,5 @@ object MyController extends Controller { - [Typetalk](https://typetalk.in/) - [Backlog](https://backlogtool.com/) -- [Flic by Shortcut Labs](https://flic.io/) +- [Flic by Shortcut Labs]( +) diff --git a/project/Build.scala b/project/Build.scala index 224f4d8..cd6e151 100644 --- a/project/Build.scala +++ b/project/Build.scala @@ -5,11 +5,11 @@ import com.typesafe.sbt.SbtScalariform._ object ScalaOAuth2Build extends Build { lazy val _organization = "com.nulab-inc" - lazy val _version = "0.16.0-SNAPSHOT" - lazy val _playVersion = "2.4.0" + lazy val _version = "0.16.0" + lazy val _playVersion = "2.4.6" val _scalaVersion = "2.10.5" - val _crossScalaVersions = Seq("2.10.5", "2.11.6") + val _crossScalaVersions = Seq("2.10.5", "2.11.7") val commonDependenciesInTestScope = Seq( "org.scalatest" %% "scalatest" % "2.2.4" % "test"