The <cfoauth> tag allows you to easily integrate third-party OAuth 2 authentication providers in your application. This tag currently supports Facebook and Google authentication. Also, this tag supports OAuth providers that support the OAuth 2 protocols. For instance, Microsoft and Github.
<cfoauth type = "" clientid = "" scope = "" state = "" authendpoint = "" secretkey = "" accesstokenendpoint = "" result = "" redirecturi = "" urlparams = "" >
Attribute |
Req/Opt |
Default |
Description |
Type="facebook" |
One of the following is required: type or Either type can be specified or endpoints combination but not both |
|
Currently supported values are |
clientid |
required |
|
Unique ID generated while registering your application with the OAuth provider. |
scope |
optional |
For Facebook: For Google: https://www.googleapis.com |
Scopes are the permissions that a Refer to the Oauth provider's For example, after Facebook For another example, after Google Note: The scope name varies for different OAuth providers. |
state |
optional |
|
The state variable is used to pass back any information to your web application after the authentication and redirection are completed. Any value passed to this attribute is returned to the web application after authentication. This is useful for CSRF (Cross-site request forgery) protection. You can use ColdFusion’s security-related CSRF functions for this attribute. |
authendpoint |
One of the following is required: type or Either type can be specified or endpoints combination but not both |
For Facebook: For Google: |
If type is not specified, this will be used as end point URL to be invoked for user authentication. |
secretkey |
optional |
|
Parameter is the App Secret as displayed in your social media app's settings. |
accesstoken |
One of the following is required: type or Either type can be specified or endpoints combination but not both |
|
If type is not specified this will be used as end point URL to be invoked for app authentication. |
result |
optional |
|
A struct which will have login info of the user including login success/failure, failure reason, user name, user id. |
redirecturi |
optional |
This will default to the URL which is executing the code. http://domainname And the file executing the code is : http://domainname The redirect URI will be : http://domainname |
To redirect once user authentication is done. |
urlparams |
optional |
|
Extra options which will be passed as URL query string to authendpoint. |
Register your application in the OAuth 2 provider site with the relevant site-specific application details. (For instance, in Facebook you must create the Facebook App ID and App Secret).
In ColdFusion, specify your ID and App Secret in the cfoauth tag.
ColdFusion implicitly supports FB and Google. For other sites, use auth and access token endpoints and other attributes.
<cfoauth type = "Facebook|Google...." clientid = "" scope = "" state = "" authendpoint = "" secretkey = "" accesstokenendpoint = "" result = "" redirecturi = "" urlparams = "" >
redirecturi will default to the URL which is executing the code. For example, if in OAuth settings user has entered the app URL as: http://domainname/appname and the file executing the code as http://domainname/appname/login.cfm, the redirect URI will be: http://domainname/appname/login.cfm.
Also, register your domain details in your social media site.
If the user has already authorized your application, but you are requesting additional permissions in the scope parameter, the user will be presented with a dialog which shows only the requested permissions that the user has not already granted your application.
The following example shows a simple authentication:
<cflogin> <cfoauth type = "Facebook" clientid = "YOUR_CLIENT_ID" secretkey = "YOUR_SECRET_KEY" result = "res" redirecturi = "http://localhost:8500/doc/login.cfm" > <cfloginuser name = "#res.other.username#" password = "#res.access_token#" roles = "user"/> </cflogin> <cflocation url="http://localhost:8500/doc/index.cfm" >
Sign in to your account