SocialAuthenticationFilter sample forthcoming

[habuma]

You don't update the existing connection. If the token is new, you remove the old connection and create a new one. I know that to work, because I've got some experimental code to do just that (experimental code that I need to dust off and make non-experimental soon...but that's a problem for another day).

In short, at the moment, there is no *direct* support in Spring Social for working with canvas apps. But that doesn't mean it can't be done.

With regard to the question of how it can be done, I'm working on an example to show how to do that. But I have other items already in progress that take a higher priority (and are being asked for with just as much urgency as your request), so I must ask for your patience in this matter. I promise that I will try to squeeze in the updates to the canvas sample as soon as I possibly can. Believe me when I say that *I* really want to complete that sample, as the obsessive/compulsive side of me can't stand that there's a wrong canvas sample and a gap in coverage there. :-)

In the meantime, if you happen to dig around discover an approach that works for you, I encourage you to post your findings here or to blog about it so that the community can learn from it.

With regard to building against 3.2.0 vs. 3.1.3, Spring Social (as I'm building it) is compiled against Spring 3.1.3. I can't speak for Spring Security or for your own project. But from what I see in the other thread, it looks like you had two of the same controller in play (one from a @Bean declaration and one from component-scanning). That would explain your ambiguous mapping problem.

[blandger]

You don't update the existing connection. If the token is new, you remove the old connection and create a new one. I know that to work,..

Thank you, I'll try to go that way.

In short, at the moment, there is no *direct* support in Spring Social for working with canvas apps. But that doesn't mean it can't be done.

Sure, I'm in that game now.

With regard to the question of how it can be done, I'm working on an example to show how to do that.

I just trying to ask your advice in order to fix my code with less efforts later when you release new version.

But I have other items already in progress that take a higher priority (and are being asked for with just as much urgency as your request), so I must ask for your patience in this matter......

I see, take your time.

In the meantime, if you happen to dig around discover an approach that works for you,.......

I have to do that, no much choices for now.

I encourage you to post your findings here or to blog about it so that the community can learn from it.

I'll try.

With regard to building against 3.2.0 vs. 3.1.3, Spring Social (as I'm building it) is compiled against Spring 3.1.3. I can't speak for Spring Security or for your own project. But from what I see in the other thread, it looks like you had two of the same controller in play (one from a @Bean declaration and one from component-scanning). That would explain your ambiguous mapping problem.

Yes, that was simple and stupid error, but nobody could give good advice.
I'm using Spring Social + Social Security + Social FB compiled against 3.2.0 and don't see something strange at that time.

[blandger]

You don't update the existing connection. If the token is new, you remove the old connection and create a new one. I know that to work, because I've got some experimental code to do just that (experimental code that I need to dust off and make non-experimental soon...but that's a problem for another day)........

I don't see it's a good idea.
If I remove Connection from DB the only way to recreate it make almost 'full OAuth dance' flow.

Code:

org.springframework.social.connect.web
public class ConnectSupport {
......
	public Connection<?> completeConnection(OAuth2ConnectionFactory<?> connectionFactory, NativeWebRequest request) {
		String code = request.getParameter("code");
		try {
			AccessGrant accessGrant = connectionFactory.getOAuthOperations().exchangeForAccess(code, callbackUrl(request), null);
			return connectionFactory.createConnection(accessGrant);
..........

I hardly think it's a good idea to send FB user with 'confirmed FB app' permissions and already installed FB app.
Having only limited info from 'signed_request', I would like update existing record for FB user with new 'auth_token', 'expired_time' values and go. I have not much experience with that stuff. That my thoughts from code and my efforts.
Dig that stuff farther...

[habuma]

As promised, some new sample code demonstrating the use of SocialAuthenticationFilter is now available. Specifically, you'll want to have a look at the following four examples:

- https://github.com/SpringSource/spri...ocial-showcase
- https://github.com/SpringSource/spri...l-showcase-xml
- https://github.com/SpringSource/spri...l-showcase-sec
- https://github.com/SpringSource/spri...owcase-sec-xml

The first two examples listed here actually have nothing to do with SocialAuthenticationFilter, but do show an equivalent configuration that uses ProviderSignInController for provider signin instead of SocialAuthenticationFilter.

The second two examples use SocialAuthenticationFilter instead of ProviderSignInController. One uses Java-based configuration and the other uses XML-based configuration. (Note that I've also updated both XML-based apps to be completely XML-configured; previously it was only the Spring Social bits that were XML-configured.)

All of these examples build against the latest snapshot builds of Spring Social. As this is working against snapshot code, consider it a work-in-progress and subject to change as I continue to polish the code. Now that this is complete, I hope to push a new milestone build later this week.