This example provides a high-level view of how OpenID authentication can be used within a Play application:
For each request, check if the user is connectedIf not, display a page where the user can submit his OpenIDRedirect the user to the OpenID providerWhen the user comes back, get the verified OpenID and save it in the HTTP session.The OpenID functionality is provided by the play.libs.OpenID class.
@Before(unless={"login", "authenticate"}) static void checkAuthenticated() { if(!session.contains("user")) { login(); } } public static void index() { render("Hello %s!", session.get("user")); } public static void login() { render(); } public static void authenticate(String user) { if(OpenID.isAuthenticationResponse()) { UserInfo verifiedUser = OpenID.getVerifiedID(); if(verifiedUser == null) { flash.error("Oops. Authentication has failed"); login(); } session.put("user", verifiedUser.id); index(); } else { if(!OpenID.id(user).verify()) { // will redirect the user flash.error("Cannot verify your OpenID"); login(); } } }And the login.html template:
#{if flash.error} <h1>${flash.error}</h1> #{/if} <form action="@{Application.authenticate()}" method="POST"> <label for="user">What’s your OpenID?</label> <input type="text" name="user" id="user" /> <input type="submit" value="login..." /> </form> </code>And finally the routes definitions:
GET / Application.index GET /login Application.login * /authenticate Application.authenticate
