Powerschool: pull in email, user_type, and name data #22847
Conversation
|
|
||
| def extract_powerschool_data(auth) | ||
| # OpenID 2.0 data comes back in a different format compared to most of our other oauth data. | ||
| args = JSON.parse(auth.extra.response.message.to_json)['args'] |
There was a problem hiding this comment.
Casting to JSON and parsing is not pretty, but I've had little luck interacting with the OpenID::Message object itself. This could probably use some cleanup eventually.
| # Fiddle with data if it's a Powerschool request (other OpenID 2.0 providers might need similar treatment if we add any) | ||
| if request.env["omniauth.auth"].provider.to_s == 'powerschool' | ||
| auth_hash = extract_powerschool_data(request.env["omniauth.auth"]) | ||
| end |
There was a problem hiding this comment.
Style: It might be nice for auth_hash to become a private method on this controller, and the only place we reference request.env['omniauth.auth']. Then it'd be a fairly obvious place to add support for other OpenID 2.0 providers in the future.
| email: args["[\"http://openid.net/srv/ax/1.0\", \"value.ext1\"]"], | ||
| name: { | ||
| first: args["[\"http://openid.net/srv/ax/1.0\", \"value.ext2\"]"], | ||
| last: args["[\"http://openid.net/srv/ax/1.0\", \"value.ext3\"]"], |
There was a problem hiding this comment.
Any reason not to use outer single-quotes here, so we don't have to escape the inner double-quotes?
| skip_before_action :verify_authenticity_token, only: :powerschool | ||
|
|
||
| def extract_powerschool_data(auth) | ||
| # OpenID 2.0 data comes back in a different format compared to most of our other oauth data. |
There was a problem hiding this comment.
Might be nice to add a link to documentation of the expected OpenID 2.0 data format here.
Configure Powerschool SSO to pull in available data from the system. This comes in quite a bit differently from the way it does in other providers, so it takes a little more massaging to extract it.
Note that Powerschool does not appear to offer age or gender through this API, at least.