We’re pleased to announce the V1.1.0 release of the click-click IT Solutions Authentication Plugin for Oracle APEX.
This release covers the new Google and Facebook API changes and includes a number of enhancements. You can find out the full list of changes here below.
- Google Authentication
- Facebook Authentication
- Combined Authentication
Improvements & Changes
Migrate Google API:
To simplify their APIs, Google is consolidating support to people.get (and the OpenID-compliant version people.getOpenIdConnect), and ending support for the userinfo endpoint. The Google Authentication Plugin V1.0.0 uses the userinfo endpoint and therefore the https://www.googleapis.com/auth/userinfo.email and https://www.googleapis.com/auth/userinfo.profile scope. Google will no longer support the userinfo endpoint service after 31.08.2014, because of that, please update to V1.1.0.
Migrate Facebook API 1.0 to 2.0:
Facebook released the API v2.0 on 30.04.2014 at the 2014 Facebook Developer Conference (f8). This is the first release of Facebook’s API that is versioned. The Facebook Authentication Plugin V1.0.0 uses unversioned API calls. Where as the Facebook Authentication Plugin V1.1.0 is making 2.0 Facebook API calls. If you are using the Facebook Authentication Plugin V1.0.0 with an application which has been created on or after 30.04.2014, you have to update your plugin to V1.1.0. Because after Facebook API v2.0, it is possible for a user to decline scopes. With Facebook Authentication V1.1.0 we offer a new parameter ‘Required Scope’ where you can make specific scopes required again.
New wallet certificates
Certificates do have an expiration date and in times of the Heartbleed bug they expire even faster. To remind you of keeping your certs up to date, we added the newest certs. Furthermore, we describe in our documentation, how you can download them by yourself.
New procedure CL_GAUTH_CUSTOM_AUTHENTICATION for a smoother integration of custom login logic
There has been a few requests about custom authentication integration. It was possible to achieve this by adding a little workaround. We now offer a procedure where you can easily and smooth add your login logic.
Apex RESTful service as an alternative to the server modification (WWV_FLOW_EPG_INCLUDE_MOD_LOCAL)
Your Authentication Plugin needs an interface for the Google and Facebook redirect calls. To make a procedure accessible by the web, it is necessary to modify the server configuration. With the Authentication Plugin V1.1.0 and Apex 4.2 you have the possibility to use RESTful services instead.