Silhouette

OAuth1 token secret

CookieSecret

To configure the CookieSecret provider you must use the CookieSecretSettings class. This class has the following form:

case class CookieSecretSettings(
  cookieName: String = "OAuth1TokenSecret",
  cookiePath: String = "/",
  cookieDomain: Option[String] = None,
  secureCookie: Boolean = true,
  httpOnlyCookie: Boolean = true,
  expirationTime: FiniteDuration = 5 minutes)
Property
Description

`cookieName

The cookie name

cookiePath

The cookie path

cookieDomain

The cookie domain

secureCookie

Whether this cookie is secured, sent only for HTTPS requests

Note:
This should be disabled for testing on localhost without SSL, otherwise cookie couldn't be set

httpOnlyCookie

Whether this cookie is HTTP only, i.e. not accessible from client-side JavaScript code

expirationTime

Secret expiration. Defaults to 5 minutes which provides sufficient time to log in, but not too much. This is a balance between convenience and security

Example

oauth1TokenSecretProvider.cookieName = "OAuth1TokenSecret"
oauth1TokenSecretProvider.cookiePath = "/"
oauth1TokenSecretProvider.secureCookie = false
oauth1TokenSecretProvider.httpOnlyCookie = true
oauth1TokenSecretProvider.expirationTime = 5 minutes

Updated about an hour ago


OAuth1 token secret


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.