I am using the omniauth-magento gem: http://rubydoc.info/gems/omniauth-magento/0.0.6/frames
Setting my omniauth.rb file in initializers as such:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :magento, "TOKEN", "SECRET", :client_options => { :authorize_path => "/su", :site => "https://store.magento.com" }
end
The store needs to be dynamic though. How can I make it such OR how can I do the same thing in a controller?
Thanks!
I should mention there is another gem: https://github.com/Contiamo/omniauth-magento which allows to set dynamically but i have no clue where to put this.
Related
When we configure Devise we put in config/initializers/devise.rb something like this:
config.omniauth :google_oauth2, "[client_id].apps.googleusercontent.com", "[client_secret]"
I'm curious how to use this info (client_id and client_secret) inside the app?
For example,
flow = Google::APIClient::InstalledAppFlow.new(
:client_id => client_secrets.client_id,
:client_secret => client_secrets.client_secret,
:scope => [YOUTUBE_READONLY_SCOPE]
)
I'd like to get this info from Devise instead of hardcoding it.
You could add the client_id and client_secret in an yml file called google.yml (for example) and in devise.rb you could have something like:
config_google = YAML.load_file("#{Rails.root}/config/google.yml")
config.omniauth :google_oauth2, config_google["client_id"], config_google["client_secret"]
Same thing goes if you want to use the config outside the initializer. Just load the yml and use its contents.
Inside the yml you can have different keys for each environment (development, production, etc). Just make sure you load it properly.
YAML.load_file("#{Rails.root}/config/google.yml")[Rails.env] # for example
I've got a rails 4 application with facebook authentication and I've deployed it on heroku.
Sometimes i debug my app using localhost. That's why I create two apps on facebook developers page - the first using heroku_address (app_id 1 and app_secret 1) and the second one using localhost_address (app_id 2 and app_secret 2).
My question is how should I configure my omniauth.rb so that my_rails_app will use app_id 1 set if heroku_adress or app_id 2 set if localhost. I would like my appliction_authentication to work both on localhost and on heroku_url without changing omniauth.rb.
Here is my omniauth.rb:
OmniAuth.config.logger = Rails.logger
Rails.application.config.middleware.use OmniAuth::Builder do
provider :facebook, '229517473864398', '88c42ceadf5ac4baeb36333a5fc990ac' #, {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}}
# provider :facebook, '1397526230476094', '5fd1171c4781525b9e5a873c095f4d6e' #, {:client_options => {:ssl => {:ca_path => "/etc/ssl/certs"}}}
end
end
Thanks in advance for your attention!
The best way is to put those information in ENV. It's easy to do with heroku, use the figaro gem if needed.
I'm using the Omniauth Stripe-Connect gem and I'd like to add a scope, but the documentation does not cover this. Here's what I'm trying right now, but the scope and stripe-landing parameters are not being included:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET'], { :scope => 'read_write', :stripe_landing => 'register' }
end
The gem/strategy: https://github.com/isaacsanders/omniauth-stripe-connect
With the above gem, adding scope and stripe_landing to the Builder does not work.
Instead use just this:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :stripe_connect, ENV['STRIPE_CONNECT_CLIENT_ID'], ENV['STRIPE_SECRET']
end
And then add in the parameters in your Omniauth link:
<a href='http://exampleapp.com/auth/stripe_connect?scope=read_write&stripe_landing=register'>Connect With Stripe</a>
My initializer/devise.rb uses:
config.omniauth :facebook, Facebook::APP_ID, Facebook::SECRET, {:scope => Facebook::SCOPE, :client_options => { :ssl => { :ca_file => '/usr/lib/ssl/certs/ca-certificates.crt' }}}
and Generates:
https://graph.facebook.com/oauth/authorize?response_type=code&client_id=123&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fusers%2Fauth%2Ffacebook%2Fcallback&parse=query&scope=user_about_me%2Cuser_birthday%2Cuser_location%2Cemail&client_options=%7B%3Assl%3D%3E%7B%3Aca_file%3D%3E%22%2Fusr%2Flib%2Fssl%2Fcerts%2Fca-certificates.crt%22%7D%7D
The strategy file facebook.rb for oa-oauth shows this:
def initialize(app, client_id=nil, client_secret=nil, options = {}, &block)
client_options = {
:site => 'https://graph.facebook.com/',
:token_url => '/oauth/access_token'
}
options = {
:parse => :query
}.merge(options)
super(app, :facebook, client_id, client_secret, client_options, options, &block)
end
Question:
It seems like it's not possible to set the :client_options by passing in a value, so why does the omniauth wiki show this code? I don't want this info being passed over the wire if it doesn't need to be and FB just ignores it as unsupported anyway. So is there a way to set the ssl options or is it even needed?
I ended up just removing the client_options parameter since it seems the config.omniauth initializer wasn't accepting it. That way it doesn't pass the value to facebook.
I know this is old, but I googled and this was the first result came up first.
I have a facebook.yml file with my config per env. I was getting this error because I didn't have client_options set up for dev. I solve it by merging in client_options if they weren't nil.
I hope this helps someone else.
FACEBOOK = YAML.load_file("#{::Rails.root}/config/facebook.yml")[::Rails.env]
config.omniauth :facebook, FACEBOOK['app_id'], FACEBOOK['secret'], { scope:FACEBOOK['scope'] }
config.omniauth['scope'].merge(client_options:FACEBOOK['client_options']) if FACEBOOK['client_options']
My current /config/initializers/omniauth.rb file contains:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id'
end
When I login via Google by going to /auth/google, Google reports:
DOMAIN is asking for some information from your Google Account EMAIL
- Email address: NAME (EMAIL)
My application doesn't need the user's email and so I'd like to remove this barrier to entry. Is there anyway to remove this requirement. For Facebook, I've found I can add the "scope" property of options, for example:
provider :facebook, 'APP_ID', 'APP_SECRET', {:scope => ''}
Based on a quick review of the source for the OpenID strategy (which Google Aps auth inherits from), you can pass in options specifying which attributes are optional vs. required for an Attributes Exchange (AX) auth.
See source code here for options: https://github.com/intridea/omniauth/blob/master/oa-openid/lib/omniauth/strategies/open_id.rb
Based on that, I think you could change the options like so to remove email as a required attribute:
Rails.application.config.middleware.use OmniAuth::Builder do
provider :open_id, nil, :name => 'google', :identifier => 'https://www.google.com/accounts/o8/id', :required => [], :optional => []
end
Good luck. I didn't test this, just reading the source.