How to use OpenId based provider?

Hello,

I trying to use Silhouette with OpenId provider in a Play Framework Scala application. The provider is Okta.

Being a newbie I have difficulty understanding how to implement controller authentication method based on the documentation article alone…

  • Does Silhouette work with OpenId providers other than steam and yahoo?
  • Could you point out a working Scala example of Silhouette with a Provider (preferably an OpenId provider)?
  • Any tips/suggestions on integrating with Okta or any OpenId provider will be super-helpful.

Thank you in advance!

Roni.

Hi,

it seems that Okta is using OpenID Connect which is currently not supported by Silhouette. Silhouette has an integration for https://auth0.com/ which is a similar project and which is based on OAuth2.

It can be the case that Okta does also work with OAuth2 be cause OpenID Connect is based on OAuth2. But in this case, you must implement your own provider.

Best regards,
Christian

Thank you @akkie!

OAuth2 is a good option too - Okta fully supports it! I will try to create a custom provider based on one of the Silhouette build-in providers, such as GoogleProvider.

@roni Would be great if you could contribute it back with some tests, so that others can also benefit from it.

Sure, @akkie, if it works for us i will be happy to contribute!

Hi @roni how did things turn out for you? Some users of my software, are interested in logging in with Okta, they too. — Did you maybe create an Okta OAuth2 provider?

Hey @kajmagnus thanks for checking! I implemented the Okta provider and it worked! Unfortunately as of now it is a part of proprietary code that belongs to my employer. I will be very happy to contribute it to the Silhouette code base myself but I need their formal permission to do so.

I will ask for the permission and will post the update on this thread in a day or two. Please note that if the permission is granted it may require several weeks to have it done. I’d need to set up the development environment and write all tests as well. How soon you’d need it?

Hi @roni thanks for the reply and for being interested in open sourcing the code :- )

The team-inside-a-large-company that asks for this, have been using Talkyard for many months, although there is currently no Okta login integration / plugin. Apparently they’re okay with waiting for fairly long.

Hi @kajmagnus, the company did not grant me the permission to open-source Okta provider implementation. I am sorry… It is regrettable as both the community and the company would benefit from open sourcing it…

Hi @roni, okay. Thanks anyway for taking the time to think about it, and asking them :- )

I found an auth lib, pac4j, which apparently supports Okta; maybe I’ll look into using it.

Sorry to say that, but this is a huge problem in our society. Companies use open source software, make money with it, but they are not willing to contribute something back. That is a really sad situation.

It’s not really hard to create a new provider. It’s only one file to create.

@akkie I feel very bad about the company’s decision, especially after all great help and support that you provided on this forum. I raised the question with the management twice, and both times the result was the same…

Indeed it is not hard to create, and it would not be much different from other OAuth2 providers implementations.