OAuth2

The Perfect Authentication OAuth2 provides OAuth2 libraries and OAuth2 provider drivers for Facebook, Google, and GitHub.

A demo application can be found at https://github.com/PerfectExamples/Perfect-Authentication-Demo that shows the usage of the libraries and providers.

Adding to your project

Add this project as a dependency in your Package.swift file.

.Package(url: "https://github.com/PerfectlySoft/Perfect-Authentication.git", majorVersion: 3)

To then use the OAuth2 module in your code:

import OAuth2

Configuration

Each provider needs an "appid", also known as a "key", and a "secret". These are usually generated by the OAuth Host, such as Facebook, GitHub and Google developer consoles. These values, as well as an "endpointAfterAuth" and "redirectAfterAuth" value must be set for each provider you wish to use.

To configure Facebook as a provider:

FacebookConfig.appid = "yourAppID"
FacebookConfig.secret = "yourSecret"
FacebookConfig.endpointAfterAuth = "http://localhost:8181/auth/response/facebook"
FacebookConfig.redirectAfterAuth = "http://localhost:8181/"

To configure Google as a provider:

GoogleConfig.appid = "yourAppID"
GoogleConfig.secret = "yourSecret"
GoogleConfig.endpointAfterAuth = "http://localhost:8181/auth/response/google"
GoogleConfig.redirectAfterAuth = "http://localhost:8181/"

To configure GitHub as a provider:

GitHubConfig.appid = "yourAppID"
GitHubConfig.secret = "yourSecret"
GitHubConfig.endpointAfterAuth = "http://localhost:8181/auth/response/github"
GitHubConfig.redirectAfterAuth = "http://localhost:8181/"

Adding Routes

The OAuth2 system relies on an authentication / exchange system, which requires a URL to be specially assembled that the user is redirected to, and a URL that the user is returned to after the user has committed the authorization action.

The first set of routes below are the action URLs that will redirect to the OAuth2 provider's system. They can be anything you wish them to be. The user will never see anything on them as they will be immediately redirected to the correct location.

The second set of routes below are where the OAuth2 provider should return the user to. Note that this is the same as the "endpointAfterAuth" configuration option. Once the "authResponse" function has been completed the user is automatically forwarded to the URL in the "redirectAfterAuth" option.

var routes: [[String: Any]] = [[String: Any]]()

routes.append(["method":"get", "uri":"/to/facebook", "handler":Facebook.sendToProvider])
routes.append(["method":"get", "uri":"/to/github", "handler":GitHub.sendToProvider])
routes.append(["method":"get", "uri":"/to/google", "handler":Google.sendToProvider])

routes.append(["method":"get", "uri":"/auth/response/facebook", "handler":Facebook.authResponse])
routes.append(["method":"get", "uri":"/auth/response/github", "handler":GitHub.authResponse])
routes.append(["method":"get", "uri":"/auth/response/google", "handler":Google.authResponse])

Information returned and made available

After the user has been authenticated, certain information is gleaned from the OAuth2 provider.

Note that the session ID can be retrieved using:

request.session?.token

The user-specific information can be accessed as part of the session info:

// The UserID as defined by the provider
request.session?.userid

// designates the OAuth2 source - useful if you are allowing multiple OAuth providers
request.session?.data["loginType"]

// The access token obtained in the process
request.session?.data["accessToken"]

// The user's first name as supplied by the provider
request.session?.data["firstName"]

// The user's last name as supplied by the provider
request.session?.data["lastName"]

// The user's profile picture as supplied by the provider
request.session?.data["picture"]

With access to this information, you can now save to the database of your choice.