OAuth2 Library for Perfect
This project provides OAuth2 libraries and select OAuth2 provider drivers - Facebook, Google, GitHub.
Full documentation can be found at http://www.perfect.org/docs/OAuth2.html
A demo application can be found at https://github.com/PerfectExamples/Perfect-Authentication-Demo that shows the usage of the system.
This package builds with Swift Package Manager and is part of the Perfect project. It was written to be stand-alone and so does not require PerfectLib or any other components.
Ensure you have installed and activated the latest Swift 4.0 tool chain.
Adding to your project
Add this project as a dependency in your Package.swift file.
.Package(url: "https://github.com/PerfectlySoft/Perfect-OAuth2.git", majorVersion: 3)
To then use the OAuth2 module in your code:
Each provider needs an "appid", also known as a "key", and a "secret". These are usually generated by the OAuth Host, such as Facebook, GitHub and Google developer consoles. These values, as well as an "endpointAfterAuth" and "redirectAfterAuth" value must be set for each provider you wish to use.
To configure Facebook as a provider:
FacebookConfig.appid = "yourAppID" FacebookConfig.secret = "yourSecret" FacebookConfig.endpointAfterAuth = "http://localhost:8181/auth/response/facebook" FacebookConfig.redirectAfterAuth = "http://localhost:8181/"
To configure Google as a provider:
GoogleConfig.appid = "yourAppID" GoogleConfig.secret = "yourSecret" GoogleConfig.endpointAfterAuth = "http://localhost:8181/auth/response/google" GoogleConfig.redirectAfterAuth = "http://localhost:8181/"
To configure GitHub as a provider:
GitHubConfig.appid = "yourAppID" GitHubConfig.secret = "yourSecret" GitHubConfig.endpointAfterAuth = "http://localhost:8181/auth/response/github" GitHubConfig.redirectAfterAuth = "http://localhost:8181/"
The OAuth2 system relies on an authentication / exchange system, which requires a URL to be specially assembled that the user is redirected to, and a URL that the user is returned to after the user has committed the authorization action.
The first set of routes below are the action URL's that will redirect to the OAuth2 provider's system. They can be anything you wish them to be. The user will never see anything on them as they will be immediately redirected to the correct place.
The second set of routes below are where the OAuth2 provider should return the user to. Note that this is the same as the "endpointAfterAuth" configuration option. Once the "authResponse" function has been completed the user is automatically forwarded to the URL in the "redirectAfterAuth" option.
var routes: [[String: Any]] = [[String: Any]]() routes.append(["method":"get", "uri":"/to/facebook", "handler":Facebook.sendToProvider]) routes.append(["method":"get", "uri":"/to/github", "handler":GitHub.sendToProvider]) routes.append(["method":"get", "uri":"/to/google", "handler":Google.sendToProvider]) routes.append(["method":"get", "uri":"/auth/response/facebook", "handler":Facebook.authResponse]) routes.append(["method":"get", "uri":"/auth/response/github", "handler":GitHub.authResponse]) routes.append(["method":"get", "uri":"/auth/response/google", "handler":Google.authResponse])
Information returned and made available
After the user has been authenticated, certain information is gleaned from the OAuth2 provider.
Note that the session ID can be retrieved using:
The user-specific information can be accessed as part of the session info:
// The UserID as defined by the provider request.session?.userid // designates the OAuth2 source - useful if you are allowing multiple OAuth providers request.session?.data["loginType"] // The access token obtained in the process request.session?.data["accessToken"] // The user's first name as supplied by the provider request.session?.data["firstName"] // The user's last name as supplied by the provider request.session?.data["lastName"] // The user's profile picture as supplied by the provider request.session?.data["picture"]
With access to this information, you can now save to the database of your choice.
For more information on the Perfect project, please visit perfect.org.