-
Notifications
You must be signed in to change notification settings - Fork 67
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate Devise+Omniauth support #6
Comments
Any updates on this one? We are trying to figure out how to make this gem play with devise. No luck so far :\ |
I have a basic devise-auth0 integration here https://github.com/faradayio/devise-auth0 |
In case anyone is interested, the following worked for me: config.omniauth :auth0, SETTINGS[:auth0][:client_id],
SETTINGS[:auth0][:client_secret], SETTINGS[:auth0][:domain],
callback_path: '/users/auth/auth0/callback' Then I just added an AUTH0_AUTHENTICAITON_URL = "https://#{SETTINGS[:auth0][:domain]}/authorize?client_id=#{SETTINGS[:auth0][:client_id]}&response_type=code&redirect_uri=#{SETTINGS[:protocol]}://#{SETTINGS[:host]}/users/auth/auth0/callback"
AUTH0_LOGOUT_URL = "https://#{SETTINGS[:auth0][:domain]}/v2/logout?returnTo=#{SETTINGS[:protocol]}://#{SETTINGS[:host]}" On devise side, login action: def login_page
if user_signed_in?
redirect_to root_path, notice: 'You are already signed in.'
else
redirect_to AUTH0_AUTHENTICAITON_URL
end
end To make sure SSO session is terminated, in application controller: def after_sign_out_path_for(_)
"#{AUTH0_LOGOUT_URL}#{super}"
end |
@aouji can you give more details on how did you get SSO working? I am getting the following error when auth0 redirects to my page. Also, where did you place this code?
Thank you! |
@mdesanti Not sure. Are you sure the AUTH0_AUTHENTICAITON_URL is set properly? If you open it in a browser do you get to your company's login page in auth0? If so does the redirect_uri look valid? |
@aouji I found the reason why the URL was invalid. I'm still uncertain about where to place the code to redirect to AUTH0_AUTHENTICAITON_URL. I'm currently handling that with a custom failure |
Sorry I missed your second question. I have set up devise routes as follows: devise_scope :user do
get 'login' => 'authentication#login_page', as: :new_user_session
...
end And the login_page action is as in the comment before and is placed in a controller I have called AuthenticationController. class CustomFailureApp < Devise::FailureApp
def redirect_url
warden_message == :timeout ? "#{AUTH0_LOGOUT_URL}#{super}" : super
end
end |
Have not tested this out but there is a wiki page on getting Devise to work with OmniAuth. If there is something we're doing to prevent that from working, we're happy to take a look. Going to close this one for now. |
Devise support might be integrated in this gem or in a separate one. Find out which is best.
The text was updated successfully, but these errors were encountered: