4 Using the Plugin - Reference Documentation
Authors: Antony Jones, Peter Ledbrook
Version: 2.2.1
4 Using the Plugin
Using the oauth plugin in your application requires a few simple steps.Using the Tag Library
To render a user-clickable link in your application which will direct them to a provider's authentication page, use theconnect
tag:<oauth:connect provider="twitter">Connect to Twitter</oauth:connect>
<g:link />
tag can accept, for example, to set a css id on the generated link:<oauth:connect provider="facebook" id="facebook-connect-link">Connect to Facebook</oauth:connect>
Receiving the oauth AccessToken
After a user clicks your link, they will be sent back to the successUrl you specified in your configuration (or failureUrl if something went wrong). At this point there will be a session variable calledproviderName:oasAccessToken
(where providerName is one of your configured provider names) which contains an org.scribe.model.Token
instance, which is your Access Token.It is recommended not to tie yourself to the name of the session key listed in the previous paragraph. To avoid this situation, the method OauthService.findSessionKeyForAccessToken
which takes your provider name as its only parameter should be used to determine the session key, as follows:class MyClass { OauthService oauthService // or new OauthService() would work if you're not in a spring-managed class. Token getToken() { String sessionKey = oauthService.findSessionKeyForAccessToken('twitter') return session[sessionKey] } }
Requesting a resource using your AccessToken
Provided your access token is now present, you now can request oauth protected resources from your third-party provider!import uk.co.desirableobjects.oauth.scribe.OauthServiceclass MyService {
OauthService oauthService def myMethod() {
Token twitterAccessToken = session[oauthService.findSessionKeyForAccessToken('twitter')]
Token linkedInAccessToken = session[oauthService.findSessionKeyForAccessToken('linkedin')] oauthService.getTwitterResource(twitterAccessToken, 'http://api.yourprovider.com/users/list')
oauthService.postLinkedInResource(linkedInAccessToken, 'http://api.yourprovider.com/users/list')
}
}
OauthService.<method><provider>Resource(accessToken, url)
.In the above example:component | description |
---|---|
method | is the HTTP method used, one of put, post, get, delete, head, or options. |
url | is the url of the oauth-protected resource you are trying to access. |
provider | is the provider name configured in your oauth configuration. |
accessToken | is the access token you were given (via the session) when the user authenticated themselves with the provider. |