cfoauth

The tag allows you to easily integrate third-party Oauth 2 authentication provider in your application. This tag currently supports Facebook and Google authentication. Also, this tag supports Oauth providers that support the Oauth 2 protocols. For instance, Microsoft and GitHub.

If type is not Facebook or Google then use access token endpoint and other attributes.

  <cfoauth>

 cfoauth();

This tag requires Adobe ColdFusion 11 and up.  Not supported on Lucee, etc.

Attribute Reference

Type string
Required

Currently supported values are Facebook and Google. Implicitly supports the authentication workflow of Facebook and Google.
Values:
  • Facebook
  • Google

clientid string
Required

Unique ID generated while registering your application with the Oauth provider.

scope string

Scopes are the permissions that a developer seeks from the users. These are usually comma separated values of permissions.
Refer to the Oauth provider's documentations for more information.
For example, after Facebook authentication, if a developer wants to access an email address and then the friend lists of a user, the developer will use:
scope=email,read_friendlists.
Note: The scope name varies for different Oauth providers.

state string

The state variable is used to pass back any information to your web application after the authentication and redirection are completed. Any value passed to this attribute is returned to the web application after authentication. This is useful for CSRF (Cross-site request forgery) protection. You can use ColdFusion’s security-related CSRF functions for this attribute.

authendpoint string

If type is not specified, this will be used as endpoint URL to be invoked for user authentication.

accesstokenendpoint string

If type is not specified this will be used as end point URL to be invoked for app authentication.

secretkey string

Parameter is the App Secret as displayed in your social media app's settings.

result variableName

A struct which will have login info of the user including login success/failure, failure reason, user name, user id.

redirecturi string

This will default to the URL which is executing the code. So if in oauth settings user has given app URL as : http://domainname/appname And the file executing the code is : http://domainname/appname/login.cfm The redirect URI will be : http://domainname/appname/login.cfm

urlparams string

Extra options which will be passed as URL query string to authendpoint.

Links more information about cfoauth

Examples
Sample code using the cfoauth tag

The following example shows a simple authentication:

<cflogin>
<cfoauth
	type="Facebook"
	clientid="YOUR_CLIENT_ID"
	secretkey="YOUR_SECRET_KEY"
	result="res"
	redirecturi="http://localhost:8500/doc/login.cfm"
>
<cfloginuser name="#res.other.username#" password="#res.access_token#" roles="user"/>
</cflogin>
<cflocation url="http://localhost:8500/doc/index.cfm">

The following example shows a simple authentication:

cflogin() {
 cfoauth(
 type="Google",
 clientid="YOUR_CLIENT_ID",
 secretkey="YOUR_GOOGLE_CLIENTSECRET",
 redirecturi="YOUR_CALLBACK_URI",
 result="res",
 scope="YOUR_SCOPES",
 state="cftoken=#cftoken#"
 );
 cfloginuser(name="#res.other.email#", password="#res.access_token#", roles="user");
 }

Signup for cfbreak to stay updated on the latest news from the ColdFusion / CFML community. One email, every friday.

Fork me on GitHub