Skip to content

curityio/twitter-authenticator

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Twitter Authenticator Plug-in

https://img.shields.io/badge/quality-production-green https://img.shields.io/badge/availability-bundled-green

This project provides an opens source Twitter Authenticator plug-in for the Curity Identity Server. This allows an administrator to add functionality to Curity which will then enable end users to login using their Twitter credentials. The app that integrates with Curity may also be configured to receive the Twitter access token and refresh token, allowing it to manage resources in Twitter.

System Requirements

Requirements for Building from Source

  • Maven 3
  • Java JDK v. 8

Compiling the Plug-in from Source

The source is very easy to compile. To do so from a shell, issue this command: mvn package.

This will place the package, along with the relevant dependencies, in the target/libs directory.

Installation

To install this plug-in, either download a binary version available from the releases section of this project's GitHub repository or compile it from source (as described above). If you compiled the plug-in from source, the package will be placed in the target/libs subdirectory. The resulting JAR file or the one downloaded from GitHub needs to placed in the directory ${IDSVR_HOME}/usr/share/plugins/twitter. (The name of the last directory, twitter, which is the plug-in group, is arbitrary and can be anything.) After doing so, the plug-in will become available as soon as the node is restarted.

Note

The JAR file needs to be deployed to each run-time node and the admin node. For simple test deployments where the admin node is a run-time node, the JAR file only needs to be copied to one location.

The following dependent JAR file must be in the same directory, the plugin group directory:

After running mvn package, this will be placed into the target/libs directory and can be copied from there to the plugin group directory.

For a more detailed explanation of installing plug-ins, refer to the Curity developer guide.

Creating an App in Twitter

As described in the Twitter documentation, you can create apps that use the Twitter APIs as shown in the following figure:

docs/images/create-twitter-app1.png

Fill in the name, description and website and save changes.

As you create it, you'll be shown the API Key and API secret Key. You'll need these later when configuring the plug-in in Curity.

From the app's main page, you need to enable OAuth by clicking on the Edit button next to Authentication settings. From there, click on Enable 3-legged OAuth. You may toggle on Request email address from users as well. Configure the callback URL. To obtain this, you'll need the endpoint of the server and the final part of the URL will be the ID of the Twitter authenticator and the string callback. An example configuration is shown in the following fiture:

docs/images/oauth-settings.png

Also, on the main app page in the Twitter developer portal, you can manage permissions in the Permissions section as show in below figure:

docs/images/twitter-update-permissions.png

Creating a Twitter Authenticator in Curity

The easiest way to configure a new Twitter authenticator is using the Curity admin UI. The configuration can be downloaded as XML from the CLI and the same can be done using CLI, so only the steps to do this in the GUI will be described.

  1. Go to the Authenticators page of the authentication profile wherein the authenticator instance should be created.

  2. Click the New Authenticator button.

  3. Enter a name (e.g., twitter1). This name needs to match the URI component in the callback URI set in the Twitter app.

  4. For the type, pick the Twitter option:

    docs/images/twitter-authenticator-type-in-curity.png
  5. On the next page, you can define all of the standard authenticator configuration options like any previous authenticator that should run, the resulting ACR, transformers that should executed, etc. At the top of the configuration page, the Twitter-specific options can be found.

    Note

    The Twitter-specific configuration is generated dynamically based on the configuration model defined in the Java interface.

  6. In the API Key textfield, enter the API Key from the Twitter client app.

  7. Also enter the API secret Key generated by Twitter when the app was created there.

Once all of these changes are made, they will be staged, but not committed (i.e., not running). To make them active, click the Commit menu option in the Changes menu. Optionally enter a comment in the Deploy Changes dialogue and click OK.

Once the configuration is committed and running, the authenticator can be used like any other.

License

This plugin and its associated documentation is listed under the Apache 2 license. Dependencies have their own licenses. Refer to the home page of those projects for details.

More Information

Please visit curity.io for more information about the Curity Identity Server.

Copyright (C) 2020 Curity AB.