OpenAuth Added to AOL CFC Project
Having demonstrated the integration of the AOL OpenAuth API into a ColdFusion application, the next natural move was to add this important functionality to our AOL API project on RIAForge. This week, I'll revisit the original post to demonstrate an even lighter code footprint that still provides the same powerful functionality of the OpenAuth scheme.
As previously demonstrated, the goal of this integration is to factor out authentication to the AOL OpenAuth service. The results of the interaction with this service will merge with our user-defined security framework (a couple of session-level variables) to provide a complete solution. It just works. As you'll recall, we used a simple chunk of code as shown in Listing 1 below to accomplish this goal. Basically this code determines whether the user is logged in. If they are not logged in, then they are prompted to do so using the AOL service and assuming success are redirected back to our site.
<cfapplication name="openAuthDemo" sessionmanagement="yes" setclientcookies="yes"> <cfparam name="request.successURL" default="http://localhost:8501/openauth/" /> <cfparam name="request.aolDevId" default="someAOLDevId" /> <cfparam name="session.loggedIn" default="false" /> <cfparam name="session.screenname" default="" /> <cfif session.loggedIn eq "false"> <!--- check for an access token ---> <cfif isDefined( "url.token_a" )> <cfset st_getInfo = openAuthGetInfo( url.token_a ) /> <!--- if the status comes back okay, preserve their status ---> <cfif StructKeyExists( st_getInfo, "statusText" )> <cfif st_getInfo.statusText eq "OK"> <cfset session.loggedIn = "true" /> <cfset session.screenname = st_getInfo.userData_loginId /> <cfelse> <cfset session.loggedIn = "false" /> <cfset session.screenname = "" /> </cfif> </cfif> <cfelse> <!--- login ---> <cfset loginURL = "http://api.screenname.aol.com/auth/login?f=qs" /> <cfset loginURL = ListAppend( loginURL, "devId=#request.aolDevId#", "&" ) /> <cfset loginURL = ListAppend( loginURL, "supportedIdType=SN,ICQ,OID", "&" ) /> <cfset loginURL = ListAppend( loginURL, "succUrl=#urlEncodedFormat( request.successURL )#", "&" ) /> <cflocation url="#loginURL#" /> </cfif> <cfelse> <cfoutput><em>#session.screenname#</em> is logged in.</cfoutput> </cfif>Listing 1 - Original Application.cfm
The code in Listing 1 certainly works but it requires the addition of another user-defined function to handle the getInfo function of the OpenAuth service as well as some extra code clutering up the body of Application.cfm. We might as well integrate all functionality used here and bundle with the AOL API CFCs we've been developing over the last couple of months. This new set of code is shown in Listing 2 below.
<cfapplication name="openAuthDemo" sessionmanagement="yes" setclientcookies="yes"> <cfparam name="request.successURL" default="http://localhost:8501/openauth/" /> <cfparam name="request.aolDevId" default="someAOLDevId" /> <cfparam name="session.loggedIn" default="false" /> <cfparam name="session.screenname" default="" /> <cfparam name="session.obj_openAuth" default="#CreateObject( 'component', 'AOL.OpenAuth' ).init( request.aolDevId, request.successURL )#" /> <cfif session.loggedIn eq "false"> <!--- check for an access token ---> <cfif isDefined( "url.token_a" )> <cfset st_getInfo = session.obj_openAuth.getInfo( url.token_a ) /> <!--- if the status comes back okay, preserve their status ---> <cfif StructKeyExists( st_getInfo, "statusText" )> <cfif st_getInfo.statusText eq "OK"> <cfset session.loggedIn = "true" /> <cfset session.screenname = st_getInfo.userData_loginId /> <cfelse> <cfset session.loggedIn = "false" /> <cfset session.screenname = "" /> </cfif> </cfif> <cfelse> <!--- login ---> <cfset session.obj_openAuth.login() /> </cfif> <cfelse> <cfoutput><em>#session.screenname#</em> is logged in.</cfoutput> </cfif>Application.cfm with Integrated AOL.OpenAuth CFC
We now have a lighter code footprint with method calls that makes immediate sense to the developer. Some of the key differences are as follows:
- A session-level variable named session.obj_openAuth is declared to hold the component instance of the AOL.OpenAuth CFC. This allows its functionality to be available at all times in our application.
- All code that handled any of the request preparation has been removed and is now handled within the CFC. This makes for cleaner code that is easy to maintain.
For a complete description of the functionality provided by the AOL.OpenAuth CFC, check out the AOL API project on RIAForge.org.
- bricemason's blog
- Login or register to post comments
- Subscribe
good material
still good material to read for today!