This page provides instructions on how to configure the Reddit authenticator and Identity Server using a sample app. The Reddit authenticator is configured as a federated authenticator in WSO2 Identity Server to authenticate Reddit users to log in to your organisation’s applications.
You can find more information in the following sections.
This is tested for the Reddit API version 1.0. Reddit Authenticator is supported by Identity Server 5.1.0 upwards.
Deploying Reddit artifacts
Download the WSO2 Identity Server from here.
Download the Reddit authenticator from here and add it to the <IS_HOME>/repository/components/dropins directory.
If you want to upgrade the Reddit Authenticator (.jar) in your existing IS pack, refer to the upgrade instructions.
Configuring the Reddit App
- Create a Reddit account using the URL https://www.reddit.com/ and log in.
- Navigate to https://www.reddit.com/prefs/apps and click "are you a developer? create an app" on the top left corner.
- Create a web app. Use https://localhost:9443/commonauth as the about url and redirect uri when creating the web app.
- Now you can get the clientId and clientSecret of your created app.
Deploying travelocity.com sample app
The next step is to deploy the sample app in order to use it in this scenario.
Once this is done, the next step is to configure the WSO2 Identity Server by adding an identity provider and service provider.
Configuring the identity provider
Now you have to configure WSO2 Identity Server by adding a new identity provider. For more information about the Identity Providers, see Configuring an Identity Provider.
Go to https://www.reddit.com/ in your browser, and click the HTTPS trust icon on the address bar (e.g., the padlock next to the URL in Chrome) to download the certificate.
The steps to download the certificate vary by browser. Click valid under Certificate (Chrome) or click Show certificate (Safari), expand the Details section and click the URL under CA Issuer to download the certificate.
This is supported on Firefox and Safari browsers by default but it is not supported on some Chrome browsers.
Import that certificate into the IS client keystore.
keytool -importcert -file <certificate file> -keystore <IS>/repository/resources/security/client-truststore.jks -alias "Reddit"
The default password of the client-truststore.jks is "wso2carbon".
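The import step above places a certificate downloaded through the browser into the trust store that Identity Server uses for outbound TLS, so it helps to confirm that the file is the certificate you expect both before and after running keytool. The shell functions below are an added example, not part of the original page or of WSO2's tooling; the function names, the STOREPASS environment variable and the expected-fingerprint argument are assumptions of this example.

```shell
#!/bin/sh
# Added example (not WSO2 code). Function names are hypothetical.
# The truststore password is read from the exported variable STOREPASS
# so that it does not appear on the keytool command line.

# Reduce "sha256 Fingerprint=AB:CD:..." or a pasted value to bare upper-case hex.
norm_fp() {
    sed 's/.*=//' | tr -d ': \n' | tr 'a-f' 'A-F'
}

# cert_fp <file>: SHA-256 fingerprint of a certificate file. Tries PEM first,
# then DER, because certificates saved from a browser are often DER encoded.
cert_fp() {
    { openssl x509 -in "$1" -noout -fingerprint -sha256 2>/dev/null ||
      openssl x509 -inform DER -in "$1" -noout -fingerprint -sha256 2>/dev/null
    } | norm_fp
}

# store_fp <keystore> <alias>: fingerprint of the entry stored under an alias.
store_fp() {
    keytool -exportcert -rfc -keystore "$1" -alias "$2" \
        -storepass:env STOREPASS 2>/dev/null |
        openssl x509 -noout -fingerprint -sha256 2>/dev/null | norm_fp
}

# import_verified <cert> <keystore> <alias> <expected-fp>
# Refuses to import unless the file matches a fingerprint obtained from a
# source you trust, then confirms the stored entry is that same certificate.
import_verified() {
    want=$(printf '%s' "$4" | norm_fp)
    got=$(cert_fp "$1")
    if [ -z "$got" ] || [ "$got" != "$want" ]; then
        echo "refusing import: fingerprint is '$got', expected '$want'" >&2
        return 1
    fi
    keytool -importcert -noprompt -file "$1" -keystore "$2" -alias "$3" \
        -storepass:env STOREPASS >/dev/null 2>&1 || return 1
    [ "$(store_fp "$2" "$3")" = "$want" ]
}

# Usage with the truststore from this page (the fingerprint is a placeholder):
#   export STOREPASS='<truststore password>'
#   import_verified '<certificate file>' \
#     '<IS>/repository/resources/security/client-truststore.jks' Reddit \
#     '<SHA-256 fingerprint from a trusted source>'
```

The function returns non-zero without touching the truststore when the fingerprints differ, and also when the alias already exists, so it can be used as a gate in a provisioning script.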
- Run the WSO2 Identity Server.
- Log in to the management console as an administrator.
- In the Identity Providers section under the Main tab of the management console, click Add.
- Give a suitable name for Identity Provider Name.
- Navigate to RedditAuthenticator Configuration under Federated Authenticators.
Enter the values as given in the above figure.
- Client Id: Client Id for your web app.
- Client Secret: Client Secret for your web app.
- Callback URL: Service Provider's URL where code needs to be sent.
Select both checkboxes to Enable the Reddit authenticator and make it the Default.
- Click Register.
You have now added the identity provider.
Configuring the service provider
The next step is to configure the service provider.
Return to the management console.
In the Service Providers section, click Add under the Main tab.
Since you are using travelocity as the sample, enter travelocity.com in the Service Provider Name text box and click Register.
In the Inbound Authentication Configuration section, click Configure under the SAML2 Web SSO Configuration section.
Now set the configuration as follows:
- Issuer: travelocity.com
- Assertion Consumer URL: http://localhost:8080/travelocity.com/home.jsp
- Select the following check-boxes:
  - Enable Response Signing.
  - Enable Single Logout.
  - Enable Attribute Profile.
  - Include Attributes in the Response Always.
Click Update to save the changes. Now you will be sent back to the Service Providers page.
Navigate to the Local and Outbound Authentication Configuration section.
Select the identity provider you created from the dropdown list under Federated Authentication.
- Ensure that the Federated Authentication radio button is selected and click Update to save the changes.
You have now added and configured the service provider.
Testing the sample
To test the sample, go to the following URL: http://<TOMCAT_HOST>:<TOMCAT_PORT>/travelocity.com
E.g., http://localhost:8080/travelocity.com
Login with SAML from the WSO2 Identity Server.
Enter your Reddit credentials in the prompted login page of Reddit. Once you log in successfully you will be taken to the home page of the travelocity.com app.