Skip to content
OAuth Strategy generator for Warden Authentication Framework
Find file
New pull request
Fetching latest commit...
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.



warden_oauth enhances the Warden authentication framework, offering a simple interface for creating oauth strategies.

Getting Started

To get started you just have to require the warden_oauth libraries, and setup the oauth services you would like to have on the Warden::Manager middleware declaration:

Warden::Manager do |manager|
  manager.failure_app = FailureApp
  manager.oauth(:twitter) do |twitter|
    twitter.consumer_secret = <YOUR CONSUMER SECRET>
    twitter.consumer_key  = <YOUR CONSUMER KEY>
    twitter.options :site => ''
  manager.default_strategies(:twitter_oauth, :password, :other)

Giving an Access Token fetcher

Users get identified on a system via an access_token and an access_secret, when a valid access_token is recevied, warden_oauth calls a fetcher declared on Warden::Strategies[:<strategy_key>_oauth].access_token_user_finder.

Warden::Strategies[:twitter_oauth].access_token_user_finder do |access_token|
  User.find_by_access_token_and_access_secret(access_token.token, access_token.secret)

If a user is returned, then this is the user that is going to be authenticated in the session, otherwise the FailureApp will be called, you may check the env[:oauth][:access_token] to check the original access_token and create a new user from there if desired.

Strategy Class info

When you declare an oauth strategy on the Warden::Manager initialization, (e.g. manager.oauth(:service_name)) a Warden::OAuth::Strategy::ServiceName will be declared, at the same time this class will be registered as :service_name_oauth on the Warden::Strategies.

So if we have a declaration like the one of the Getting Started section, we will have an Strategy class called Warden::OAuth::Strategy::Twitter, and this will be registered as :twitter_oauth.

Running the Strategy

In order to get the strategy running in the app, you have to specify a parameter called warden_oauth_provider with the name of the oauth service you want to start. So for example, if you would like to boot the twitter oauth example given on the “Getting Started” section you just have to specify the parameter on a protected url.

In Rails:

link_to 'Twitter Authentication', url_for(login_path(:warden_oauth_provider => 'twitter'))


Don't set the :warden_oauth_provider parameter as part of the login route, if you do this rails will catch the parameter, but not the warden rack middleware, ergo, it won't work as expected.

Note on Patches/Pull Requests

For any error send an email to: romanandreg [at] gmail [dot] com


Copyright © 2009 Roman Gonzalez. See LICENSE for details.

Something went wrong with that request. Please try again.