Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

41 lines (26 sloc) 1.651 kb

Introduction

GDS-SSO provides everything needed to integrate an application with the sign-on-o-tron single-sign-on (https://github.com/alphagov/sign-on-o-tron) as used by the Government Digital Service, though it will probably also work with a range of other oauth2 providers.

It is a wrapper around omniauth that adds a 'strategy' for oAuth2 integration against sign-on-o-tron, and the necessary controller to support that request flow.

For more details on OmniAuth and oAuth2 integration see https://github.com/intridea/omniauth

Integration with a Rails 3+ app

To use gds-sso tou will need an oauth client ID and secret for sign-on-o-tron or a compatible system. These can be provided by one of the team with admin access to sign-on-o-tron.

Then include the gem in your Gemfile:

gem 'gds-sso', :git => 'https://github.com/alphagov/gds-sso.git'

Create a config/initializers/gds-sso.rb that looks like:

GDS::SSO.config do |config|
  config.user_model   = 'User'

  # set up ID and Secret in a way which doesn't require it to be checked in to source control...
  config.oauth_id     = ENV['OAUTH_ID']
  config.oauth_secret = ENV['OAUTH_SECRET']

  # optional config for location of sign-on-o-tron
  config.oauth_root_url = "http://localhost:3001"

  # optional config for API Access (requests which accept application/json)
  config.basic_auth_user = 'api'
  config.basic_auth_password = 'secret'
end

The user model needs to respond to klass.find_by_uid(uid), and must include the GDS::SSO::User module.

You also need to include GDS::SSO::ControllerMethods in your ApplicationController

Jump to Line
Something went wrong with that request. Please try again.