4

I would like to build a web service (RESTful JSON API) and I would like to secure my API with OAuth 1.0 or 2.0. I'm using Play2 with Scala and I cannot find examples on writing OAuth providers (not consumers) in Scala nor in Play2.

I believe the combination should be very familiar, suppose you are building an API like GitHub and you want to authorize certain applications and offer them CONSUMER_KEY, CONSUMER_SECRET to access your APIs. There must be an easy-to-use library to help you do that. Not to say that this should be baked into Play2.

Any ideas? libraries? tricks?

Ahmed Farghal
  • 1,294
  • 11
  • 17
  • The Scalatra guys are [also building](https://github.com/scalatra/oauth2-server) an OAuth2 server, and I hope they're not too put off by [recent negative commentary](http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/) about the OAuth2 process, but there's a good sample of code for you to peruse. – opyate Aug 10 '12 at 14:24

1 Answers1

0

We built an OAuth 1.0 provider in Scala/Lift. Its coded for the Open Bank Project but should be pretty easy to extract for another Lift app.

Please See:

https://github.com/OpenBankProject/OpenBankProject-Server/wiki/OAuth-1.0-client---Server-connexion

By the way, we chose OAuth 1.0 rather than OAuth 2.0 because OAuth 2.0 is not really fixed yet.

cheers, Simon.

Simon Redfern
  • 1
  • Not just not really fixed, but a royal PITA: http://hueniverse.com/2012/07/oauth-2-0-and-the-road-to-hell/ – opyate Aug 10 '12 at 14:22