Class: OmniAuth::Strategies::CentralLogin

- Inherits: OAuth2
  - Object
    - OAuth2
      - OmniAuth::Strategies::CentralLogin
- Defined in: lib/omniauth/strategies/central_login.rb

Overview
A Central Login strategy for OmniAuth

Configuring OmniAuth:

    Rails.application.config.middleware.use OmniAuth::Builder do
      provider :central_login, ENV['CENTRAL_LOGIN_CLIENT_ID'], ENV['CENTRAL_LOGIN_CLIENT_SECRET'], {
        scope: "openid email profile",
        client_options: {
          site: ENV['CENTRAL_LOGIN_URL']
        }
      }
    end

Configuration for Devise (using omniauthable):

    config.omniauth :central_login,
      Rails.application.secrets.central_login_id,
      Rails.application.secrets.central_login_secret,
      {client_options: {site: Rails.application.secrets.central_login_site}, scope: "openid email profile"}

Instance Method Details
#id_token ⇒ Object

    # File 'lib/omniauth/strategies/central_login.rb', line 51

    def id_token
      # The receiver is blank on the rendered page; `options` (the OmniAuth
      # strategy options) is assumed here.
      if options.response_type.to_s == "id_token"
        @id_token ||= access_token["id_token"]
      end
    end

#raw_info ⇒ Object

    # File 'lib/omniauth/strategies/central_login.rb', line 65

    def raw_info
      return @raw_info if @raw_info

      if id_token
        # An ID token was returned: its verified claims become the user info.
        @raw_info = validate_id_token(id_token)
      else
        # No ID token: fetch the claims from the userinfo endpoint, then look
        # up the issuer through WebFinger.
        @raw_info = access_token.get("/oauth/userinfo").parsed
        if @raw_info
          @raw_info["issuer"] = access_token
            .get("/.well-known/webfinger?resource=#{@raw_info["email"]}")
            .parsed["links"]
            .select { |a| a["rel"] == "http://openid.net/specs/connect/1.0/issuer" }[0]["href"]
        end
      end

      @raw_info
    rescue ::OAuth2::Error => e
      # The method name after `e.` is blank on the rendered page; `message` is assumed.
      raise ::Omniauth::CentralLogin::Error, "Make sure you have 'openid' added as scope (OAuth2::error: #{e.message})"
    end

#validate_id_token(id_token) ⇒ Object
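
    # File 'lib/omniauth/strategies/central_login.rb', line 57

    def validate_id_token(id_token)
      JWT.decode(id_token, nil, true, {
        algorithms: ["RS256"],
        jwks: jwks,
        # The receiver is blank on the rendered page; `options.client_options`
        # (the `client_options: { site: ... }` setting above) is assumed.
        iss: options.client_options[:site]
      })[0]
    end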
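
The checks an ID token has to pass before its claims are trusted, written out as an added example (not code from the gem). It uses Ruby's standard OpenSSL library in place of the `JWT.decode` call above, and `ISSUER`, `CLIENT_ID`, `KEY` and every function name are constructed for the illustration.

```ruby
require "openssl"
require "json"

# Constructed values for this example; none come from the gem.
ISSUER = "https://login.example.test"
CLIENT_ID = "example-client-id"
KEY = OpenSSL::PKey::RSA.new(2048) # throwaway signing key

def b64url(bytes)
  [bytes].pack("m0").tr("+/", "-_").delete("=")
end

def b64url_decode(text)
  text.tr("-_", "+/").unpack1("m")
end

# Helper that mints a token so the example runs offline.
def sign_token(key, claims, alg: "RS256")
  input = [{ alg: alg, typ: "JWT" }, claims].map { |part| b64url(JSON.generate(part)) }.join(".")
  "#{input}.#{b64url(key.sign(OpenSSL::Digest.new('SHA256'), input))}"
end

# Returns the claims hash, or raises ArgumentError naming the failed check.
def verify_id_token(token, public_key, issuer:, audience:, now: Time.now.to_i)
  head, body, sig = token.split(".", -1)
  raise ArgumentError, "malformed token" unless sig && token.count(".") == 2
  # Pin the algorithm; never let the token header choose it.
  raise ArgumentError, "unexpected alg" unless JSON.parse(b64url_decode(head))["alg"] == "RS256"
  digest = OpenSSL::Digest.new("SHA256")
  unless public_key.verify(digest, b64url_decode(sig), "#{head}.#{body}")
    raise ArgumentError, "bad signature"
  end
  claims = JSON.parse(b64url_decode(body))
  raise ArgumentError, "wrong issuer" unless claims["iss"] == issuer
  raise ArgumentError, "wrong audience" unless Array(claims["aud"]).include?(audience)
  raise ArgumentError, "expired" unless claims["exp"].is_a?(Integer) && claims["exp"] > now
  claims
end

# Returns the subject on success, otherwise the reason for rejection.
def check(token)
  verify_id_token(token, KEY.public_key, issuer: ISSUER, audience: CLIENT_ID)["sub"]
rescue ArgumentError => e
  e.message
end

good = { iss: ISSUER, aud: CLIENT_ID, sub: "user-1", exp: Time.now.to_i + 300 }
puts check(sign_token(KEY, good))
puts check(sign_token(KEY, good.merge(aud: "other-client")))
```

ruby-jwt applies the `iss:` and `aud:` options only when `verify_iss: true` and `verify_aud: true` are also passed to `JWT.decode`, which is why both comparisons are explicit here.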