When we configure Devise we put in config/initializers/devise.rb something like this:
config.omniauth :google_oauth2, "[client_id].apps.googleusercontent.com", "[client_secret]"
I'm curious how to use this info (client_id and client_secret) inside the app?
For example,
flow = Google::APIClient::InstalledAppFlow.new(
  :client_id => client_secrets.client_id,
  :client_secret => client_secrets.client_secret,
  :scope => [YOUTUBE_READONLY_SCOPE]
)
I'd like to get this info from Devise instead of hardcoding it.
You could add the client_id and client_secret in a yml file called google.yml (for example) and in devise.rb you could have something like:
config_google = YAML.load_file("#{Rails.root}/config/google.yml")
config.omniauth :google_oauth2, config_google["client_id"], config_google["client_secret"]
Same thing goes if you want to use the config outside the initializer. Just load the yml and use its contents.
Inside the yml you can have different keys for each environment (development, production, etc). Just make sure you load it properly.
YAML.load_file("#{Rails.root}/config/google.yml")[Rails.env] # for example
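A per-environment loader along the lines of the answer above, as an added example that is not part of the original post. The `GOOGLE_CLIENT_ID` / `GOOGLE_CLIENT_SECRET` override names and the sample file contents are assumptions made for illustration.

```ruby
require "yaml"
require "tempfile"

REQUIRED_KEYS = %w[client_id client_secret].freeze

# Load one environment's OAuth credentials from a YAML file.
# safe_load refuses arbitrary Ruby object tags, and a missing or blank key
# raises instead of silently handing nil to the OAuth strategy.
def load_oauth_credentials(path, env_name, overrides: ENV)
  all = YAML.safe_load(File.read(path)) || {}
  section = all[env_name]
  raise KeyError, "no '#{env_name}' section in #{path}" unless section.is_a?(Hash)

  REQUIRED_KEYS.to_h do |key|
    # Hypothetical override names: a variable set on the host wins over the file.
    value = overrides["GOOGLE_#{key.upcase}"] || section[key]
    raise KeyError, "#{key} missing for #{env_name}" if value.to_s.strip.empty?
    [key, value]
  end.freeze
end

# Constructed sample file; the production secret is deliberately left blank
# so that it has to come from the environment.
SAMPLE_YAML = <<~YML
  development:
    client_id: dev-id.apps.googleusercontent.com
    client_secret: dev-secret
  production:
    client_id: prod-id.apps.googleusercontent.com
    client_secret:
YML

def demo
  Tempfile.create(["google", ".yml"]) do |f|
    f.write(SAMPLE_YAML)
    f.flush
    dev  = load_oauth_credentials(f.path, "development", overrides: {})
    prod = load_oauth_credentials(f.path, "production",
                                  overrides: { "GOOGLE_CLIENT_SECRET" => "from-env" })
    [dev, prod]
  end
end

# In devise.rb or anywhere else in the app:
#   creds = load_oauth_credentials(Rails.root.join("config/google.yml"), Rails.env)
#   config.omniauth :google_oauth2, creds["client_id"], creds["client_secret"]
```

Keeping the YAML file out of version control, or leaving the secret blank in it as the sample does, means the repository never holds the production secret.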
Related
Devise.rb
require "omniauth-facebook"
# CREDENTIALS_CONFIG = YAML.load_file("#{Rails.root}/config/omniauth.yml")[Rails.env].symbolize_keys
# config.omniauth :facebook, ENV['FACEBOOK_KEY'], ENV['FACEBOOK_SECRET'], :strategy_class => OmniAuth::Strategies::Facebook, :image_size => 'large'
Rails.application.config.middleware.use OmniAuth::Builder do
  if Rails.env == 'production'
    provider :facebook, 'sample_key', 'sample_key'
  elsif ['staging', 'development'].include? Rails.env
    provider :facebook, 'key_sampl', 'key_sdfjkhd',
             :scope => 'email', :info_fields => 'email'
  end
end
After logging in with Facebook I receive this hash:
({"extra"=>{"raw_info"=>{"id"=>"846548425", "name"=>"Rakesh PD"}}, "info"=>{"image"=>"http://graph.facebook.com/846548425430988/picture", "name"=>"Rakesh PD"}, "provider"=>"facebook", "uid"=>"846548425"})
I am not receiving the logged-in user's email, first name, last name or mobile, but the account contains all of this information (email, first name, last name, mobile, etc.).
I would recommend that you create an HTML/JS text file to understand how Facebook's JavaScript API works.
It will be quick for you to understand the raw data sent by Facebook after the log-in. In particular, the restrictions on the data will be easy to spot.
The response to the omniauth-facebook gem is the same as (or very close to) the one from the JavaScript SDK.
So if the JavaScript SDK response produces the account parameters you need, the omniauth-facebook gem would be able to retrieve them as well. Mind that if the vanilla JavaScript response does not have all the parameters you need, you will probably have to adjust your Facebook app.
After some rounds of experiments I believe you will be able to adjust your Facebook app or perform the necessary changes in your Rails app.
I am using the omniauth-magento gem: http://rubydoc.info/gems/omniauth-magento/0.0.6/frames
Setting my omniauth.rb file in initializers as such:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :magento, "TOKEN", "SECRET", :client_options => { :authorize_path => "/su", :site => "https://store.magento.com" }
end
The store needs to be dynamic though. How can I make it such OR how can I do the same thing in a controller?
Thanks!
I should mention there is another gem: https://github.com/Contiamo/omniauth-magento which allows setting it dynamically, but I have no clue where to put this.
I've got a rails 4 application with facebook authentication and I've deployed it on heroku.
Sometimes I debug my app using localhost. That's why I created two apps on the Facebook developers page - the first using heroku_address (app_id 1 and app_secret 1) and the second one using localhost_address (app_id 2 and app_secret 2).
My question is how I should configure my omniauth.rb so that my_rails_app will use the app_id 1 set if heroku_address or the app_id 2 set if localhost. I would like my application_authentication to work both on localhost and on heroku_url without changing omniauth.rb.
Here is my omniauth.rb:
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :facebook, '229517473864398', '88c42ceadf5ac4baeb36333a5fc990ac' #, {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}}
  # provider :facebook, '1397526230476094', '5fd1171c4781525b9e5a873c095f4d6e' #, {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}}
end
Thanks in advance for your attention!
The best way is to put that information in ENV. It's easy to do with Heroku; use the figaro gem if needed.
What I'm trying to have in the end is the ability to login normally with devise OR choose to login with SAML. So I read that if I integrate omniauth and saml, then omniauth and devise, I could achieve that.
My problem is that I have different IDPs that I would like to choose from. So I don't have one :idp_sso_target_url, but many. So my question is how can I dynamically change the value of the target_url. Currently the omniauth-saml gem defines this value in the config/initializers directory.
Thank you,
You can store settings for every provider in db, and then configure omniauth in the setup phase at request-time. For example:
SETUP_PROC = lambda do |env|
  request = Rack::Request.new(env)
  user = User.find_by_subdomain(request.subdomain)
  env['omniauth.strategy'].options[:consumer_key] = user.consumer_key
  env['omniauth.strategy'].options[:consumer_secret] = user.consumer_secret
end
use OmniAuth::Builder.new do
  provider :twitter, :setup => SETUP_PROC
end
See https://github.com/intridea/omniauth/wiki/Setup-Phase for more information.
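The same setup-phase idea applied to the SAML question, as an added example that is not part of the original answer. The `IDP_SETTINGS` table, the host-to-tenant rule and `FakeStrategy` are assumptions standing in for a database lookup and for the strategy object OmniAuth puts in the Rack env.

```ruby
require "uri"

UnknownTenant = Class.new(StandardError)

# Constructed stand-in for a database table of per-tenant IdP settings.
# URLs and fingerprints are placeholders, not real values.
IDP_SETTINGS = {
  "first"  => { idp_sso_target_url: "https://first.example/idp",
                idp_cert_fingerprint: "PLACEHOLDER-FINGERPRINT-1" },
  "second" => { idp_sso_target_url: "https://second.example/idp",
                idp_cert_fingerprint: "PLACEHOLDER-FINGERPRINT-2" }
}.freeze

# Leftmost label of the Host header with the port stripped,
# e.g. "first.app.example:443" -> "first". Returns nil for anything odd.
def tenant_from_host(env)
  host = env["HTTP_HOST"].to_s.downcase.sub(/:\d+\z/, "")
  label = host.split(".").first.to_s
  label.match?(/\A[a-z0-9-]+\z/) ? label : nil
end

# Request-time setup: the request only selects WHICH stored record applies.
# The target URL and fingerprint always come from the server-side table,
# never from request parameters, and an unknown tenant fails closed.
SAML_SETUP = lambda do |env|
  tenant = tenant_from_host(env)
  settings = IDP_SETTINGS.fetch(tenant) do
    raise UnknownTenant, "no IdP configured for #{tenant.inspect}"
  end
  unless URI.parse(settings[:idp_sso_target_url]).is_a?(URI::HTTPS)
    raise UnknownTenant, "IdP URL for #{tenant} must be https"
  end
  settings.each { |key, value| env["omniauth.strategy"].options[key] = value }
end

# Minimal stand-in for the strategy object, used only to run the proc here.
FakeStrategy = Struct.new(:options)

def run_setup(host)
  env = { "HTTP_HOST" => host, "omniauth.strategy" => FakeStrategy.new({}) }
  SAML_SETUP.call(env)
  env["omniauth.strategy"].options
end

# Wiring, following the :setup option shown in the answer above:
#   provider :saml, :setup => SAML_SETUP
```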
Using multiple SAML IDPs with Devise + OmniAuth:
Follow this official guide for Single IDP.
https://github.com/omniauth/omniauth-saml#devise-integration
Once you have your SP working with a single IDP, make the following tweaks:
In devise initializer
config.omniauth :first, {
  name: :first,
  strategy_class: ::OmniAuth::Strategies::SAML,
  # Rest of the config as per omniauth-saml guide
  assertion_consumer_service_url: '/users/auth/first/callback'}
config.omniauth :second, {
  name: :second,
  strategy_class: ::OmniAuth::Strategies::SAML,
  # Rest of the config as per omniauth-saml guide
  assertion_consumer_service_url: '/users/auth/second/callback'}
In Users::OmniauthCallbacksController, add actions named first and second instead of saml as suggested in the official guide.
In your User model:
devise :omniauthable, omniauth_providers: [:first, :second]
If all configured correctly, you now have your SP configured for two IDPs.
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :saml,
    name: "first",
    assertion_consumer_service_url: "/auth/first/callback",
    issuer: "your-app",
    idp_sso_target_url: "first.com/idp",
    idp_cert_fingerprint: "E7:91:B2:E1:...",
    name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
  provider :saml,
    name: "second",
    assertion_consumer_service_url: "/auth/second/callback",
    issuer: "your-app",
    idp_sso_target_url: "second.com/idp",
    idp_cert_fingerprint: "E7:91:B2:E1:...",
    name_identifier_format: "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
end
If using the application in a federation context, there will most likely be a metadata source, such as prescribed in the saml2int.org profile. This metadata has the data to populate IDP discovery (and automatically configure all the IDPs). It seems that omniauth-saml does not support the SAML Metadata specification, therefore some kind of SAML proxy is the alternative.
I'm using the Omniauth Stripe-Connect gem and I'd like to add a scope, but the documentation does not cover this. Here's what I'm trying right now, but the scope and stripe-landing parameters are not being included:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET'], { :scope => 'read_write', :stripe_landing => 'register' }
end
The gem/strategy: https://github.com/isaacsanders/omniauth-stripe-connect
With the above gem, adding scope and stripe_landing to the Builder does not work.
Instead use just this:
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET']
end
And then add in the parameters in your Omniauth link:
<a href='http://exampleapp.com/auth/stripe_connect?scope=read_write&stripe_landing=register'>Connect With Stripe</a>