OAuth1 token secret

Silhouette

Silhouette is an authentication library for Play Framework applications that supports several authentication methods, including OAuth1, OAuth2, OpenID, CAS, Credentials, Basic Authentication, Two Factor Authentication or custom authentication schemes.

To configure the CookieSecret provider you must use the CookieSecretSettings class. This class has the following form:

case class CookieSecretSettings(
  cookieName: String = "OAuth1TokenSecret",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = true,
  httpOnlyCookie: Boolean = true,
  expirationTime: FiniteDuration = 5 minutes)

Property	Description
`cookieName	The cookie name
`cookiePath`	The cookie path
`cookieDomain`	The cookie domain
`secureCookie`	Whether this cookie is secured, sent only for HTTPS requests Note: This should be disabled for testing on localhost without SSL, otherwise cookie couldn't be set
`httpOnlyCookie`	Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code
`expirationTime`	Secret expiration. Defaults to 5 minutes which provides sufficient time to log in, but not too much. This is a balance between convenience and security

oauth1TokenSecretProvider.cookieName = "OAuth1TokenSecret"
oauth1TokenSecretProvider.cookiePath = "/"
oauth1TokenSecretProvider.secureCookie = false
oauth1TokenSecretProvider.httpOnlyCookie = true
oauth1TokenSecretProvider.expirationTime = 5 minutes

What's Next