[wip] Troubleshooting and diagnosis errors encountered when integrating

Devise and OmniAuth routes for `session_path` and CAS authentication. Co-authored-by: Robert-Anthony Lee-Faison <leefaisonr@users.noreply.github.com>
pulibrary · May 31, 2024 · 9713b38 · 9713b38
1 parent 02c5cd6
commit 9713b38
Show file tree

Hide file tree

Showing 5 changed files with 23 additions and 2 deletions.
diff --git a/Gemfile b/Gemfile
@@ -55,3 +55,5 @@ group :test do
   gem "database_cleaner-active_record"
   gem "selenium-webdriver"
 end
+
+gem "pry-byebug"
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -144,6 +144,7 @@ GEM
       super_diff
       thor
       zeitwerk (~> 2.1)
+    coderay (1.1.3)
     coercible (1.0.0)
       descendants_tracker (~> 0.0.1)
     commonmarker (0.23.10)
@@ -167,7 +168,7 @@ GEM
       activesupport
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
-    devise (4.9.4)
+    devise (4.8.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -247,6 +248,7 @@ GEM
       net-smtp
     marcel (1.0.4)
     matrix (0.4.2)
+    method_source (1.1.0)
     mini_mime (1.1.5)
     minitest (5.23.1)
     msgpack (1.7.2)
@@ -315,6 +317,12 @@ GEM
     patience_diff (1.2.0)
       optimist (~> 3.0)
     pg (1.5.6)
+    pry (0.14.2)
+      coderay (~> 1.1)
+      method_source (~> 1.0)
+    pry-byebug (3.10.1)
+      byebug (~> 11.0)
+      pry (>= 0.13, < 0.15)
     psych (5.1.2)
       stringio
     public_suffix (5.0.5)
@@ -524,6 +532,7 @@ DEPENDENCIES
   omniauth-cas (~> 3.0)
   omniauth-orcid
   pg
+  pry-byebug
   puma (= 5.6.8)
   rack (= 2.2.8.1)
   rails (~> 7.1.0)

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -2,11 +2,18 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
   before_action :authenticate_user!
+  # include Devise::Controllers::UrlHelpers
+  # include Rails.application.routes.url_helpers
+  # include Rails.application.routes.mounted_helpers
 
   def new_session_path(_scope)
     new_user_session_path
   end
 
+  def session_path(_scope)
+    new_user_session_path
+  end
+
   def after_sign_in_path_for(_resource)
     "/users/#{@user.id}"
   end

diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
@@ -290,10 +290,11 @@
 
   ## For CAS
   config.omniauth :cas, host: "fed.princeton.edu", url: "https://fed.princeton.edu/cas"
-  OmniAuth.config.allowed_request_methods = [:get, :post]
 
   ## For OCID Failure
   config.omniauth :orcid, callback: "/auth/orcid/callback"
+  OmniAuth.config.allowed_request_methods = [:get, :post]
+  OmniAuth.config.request_validation_phase = OmniAuth::AuthenticityTokenProtection.new(allow_if: ->(_env) { true })
 
   # ==> Mountable engine configurations
   # When using Devise inside an engine, let's call it `MyEngine`, and this engine

diff --git a/config/routes.rb b/config/routes.rb
@@ -29,6 +29,8 @@
 
   devise_scope :user do
     get "sign_in", to: "devise/sessions#new", as: :new_user_session
+    # get "sign_in", to: "users/omniauth_callbacks#passthru", as: :new_user_session
+    get "sign_in", to: "users/omniauth_callbacks#passthru", as: :session
     get "sign_out", to: "devise/sessions#destroy", as: :destroy_user_session
   end
 end