## Introduction

GDS-SSO provides everything needed to integrate an application with the sign-on-o-tron single-sign-on
(https://github.com/alphagov/sign-on-o-tron) as used by the Government Digital Service, though it
will probably also work with a range of other OAuth2 providers.

It is a wrapper around OmniAuth that adds a 'strategy' for OAuth2 integration against sign-on-o-tron,
and the necessary controller to support that request flow.

For more details on OmniAuth and OAuth2 integration see https://github.com/intridea/omniauth

## Integration with a Rails 3+ app

To use gds-sso you will need an OAuth client ID and secret for sign-on-o-tron or a compatible system.
These can be provided by a member of the team with admin access to sign-on-o-tron.

Then include the gem in your Gemfile:

    gem 'gds-sso', :git => 'https://github.com/alphagov/gds-sso.git'

Create a `config/initializers/gds-sso.rb` that looks like:

    GDS::SSO.config do |config|
      config.user_model   = 'User'

      # set up ID and Secret in a way which doesn't require it to be checked in to source control...
      config.oauth_id     = ENV['OAUTH_ID']
      config.oauth_secret = ENV['OAUTH_SECRET']

      # Application name as per signonotron2's database, used for permissions
      config.default_scope = "Need-o-Tron"

      # optional config for location of sign-on-o-tron
      config.oauth_root_url = "http://localhost:3001"

      # optional config for API Access (requests which accept application/json)
      # 'api' / 'secret' are sample values; load real credentials from the environment as above
      config.basic_auth_user = 'api'
      config.basic_auth_password = 'secret'
    end

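The initializer above mixes secrets read from the environment with sample values (`'secret'`, `http://localhost:3001`). As an added example, not part of gds-sso or its README, this check lists settings that should not reach a deployed app; `BASIC_AUTH_PASSWORD`, `OAUTH_ROOT_URL`, `RELAXED_ENVS` and the function name are assumptions made for the example.

```ruby
require 'uri'

# Assumption: environments where the README's sample values are acceptable.
RELAXED_ENVS = %w[development test].freeze
# Sample passwords that must not be deployed ('secret' is the README's).
SAMPLE_PASSWORDS = %w[secret password changeme].freeze

# Returns a list of problems with the SSO settings in `env` (ENV or a Hash).
# OAUTH_ID and OAUTH_SECRET are the README's variables; BASIC_AUTH_PASSWORD
# and OAUTH_ROOT_URL are hypothetical names introduced for this example.
def sso_config_problems(env, rails_env)
  return [] if RELAXED_ENVS.include?(rails_env.to_s)

  problems = []
  %w[OAUTH_ID OAUTH_SECRET].each do |key|
    problems << "#{key} is not set" if env[key].to_s.strip.empty?
  end

  # API access is optional, so only a sample value counts as a problem.
  password = env['BASIC_AUTH_PASSWORD'].to_s
  problems << 'BASIC_AUTH_PASSWORD is a sample value' if SAMPLE_PASSWORDS.include?(password.downcase)

  root = env['OAUTH_ROOT_URL'].to_s
  return problems if root.empty? # optional setting, nothing to check

  uri = begin
    URI.parse(root)
  rescue URI::InvalidURIError
    nil
  end
  if uri.nil? || uri.host.nil?
    problems << 'OAUTH_ROOT_URL is not a valid URL'
  elsif uri.scheme != 'https'
    problems << 'OAUTH_ROOT_URL must use https'
  elsif %w[localhost 127.0.0.1].include?(uri.host)
    problems << 'OAUTH_ROOT_URL points at a loopback host'
  end
  problems
end

# Constructed sample input mirroring the README's initializer values.
README_SAMPLE = {
  'OAUTH_ID' => 'example-id', 'OAUTH_SECRET' => 'example-secret',
  'BASIC_AUTH_PASSWORD' => 'secret', 'OAUTH_ROOT_URL' => 'http://localhost:3001'
}.freeze

puts sso_config_problems(README_SAMPLE, 'production')
```

Calling `sso_config_problems(ENV, Rails.env)` at the top of the initializer and raising when the list is non-empty stops a misconfigured app at boot.
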
The user model needs to respond to `klass.find_by_uid(uid)`, and must include the `GDS::SSO::User` module.

It also needs to specify the following (or an equivalent):

    attr_accessible :uid, :email, :name, :permissions, as: :oauth

You also need to include `GDS::SSO::ControllerMethods` in your ApplicationController.

## Use in development mode

In development, you generally want to be able to run an application without needing to run your own SSO server as well. GDS-SSO facilitates this by using a 'mock' mode in development. Mock mode loads an arbitrary user from the local application's user tables:

    GDS::SSO.test_user || GDS::SSO::Config.user_klass.first

To make it use a real strategy (e.g. if you're testing an app against the signon server), you will need to ensure that your signonotron2 database has OAuth config that matches what the apps use in development mode. To do this, run this in signonotron2:

    bundle exec ./script/make_oauth_work_in_dev

Once that's done, set an environment variable when you run your app, e.g.:

    GDS_SSO_STRATEGY=real bundle exec rails s