You are viewing the documentation for Play 1. The documentation for Play 2 is here.
Integrate with OpenID
OpenID is an open and decentralized identity system. You can easily accept new users in your application without having to keep specific user information. You just have to keep track of authorized users through their OpenID.
A simple OpenID authentication example
This example provides a high-level view of how OpenID authentication can be used within a Play application:
- For each request, check if the user is connected
- If not, display a page where the user can submit his OpenID
- Redirect the user to the OpenID provider
- When the user comes back, get the verified OpenID and save it in the HTTP session.
The OpenID functionality is provided by the play.libs.OpenID class and is built using OpenID4Java.
@Before(unless={"login", "authenticate"})
static void checkAuthenticated() {
if(!session.contains("user")) {
login();
}
}
public static void index() {
render("Hello %s!", session.get("user"));
}
public static void login() {
render();
}
public static void authenticate(String user) {
if(OpenID.isAuthenticationResponse()) {
UserInfo verifiedUser = OpenID.getVerifiedID();
if(verifiedUser == null) {
flash.error("Oops. Authentication has failed");
login();
}
session.put("user", verifiedUser.id);
index();
} else {
if(!OpenID.id(user).verify()) { // will redirect the user
flash.error("Cannot verify your OpenID");
login();
}
}
}
And the login.html template:
#{if flash.error}
<h1>${flash.error}</h1>
#{/if}
<form action="@{Application.authenticate()}" method="POST">
<label for="user">What’s your OpenID?</label>
<input type="text" name="user" id="user" />
<input type="submit" value="login..." />
</form>
</code>
And finally the routes definitions:
GET / Application.index
GET /login Application.login
* /authenticate Application.authenticate