Omniauth::Tanmer

This is the OAuth2 strategy for authenticating to your Tanmer service.

Requirements

Installation

Add this line to your application's Gemfile:

gem 'omniauth-tanmer'

And then execute:

$ bundle

Or install it yourself as:

$ gem install omniauth-tanmer

Usage

Put below code to config/application.rb:

config.middleware.use OmniAuth::Builder do
    provider :tanmer, ENV['OAUTH_TANMER_KEY'], ENV['OAUTH_TANMER_SECRET'],
    scope: 'public',
    client_options: { 
        site: ENV['OAUTH_TANMER_SITE'],
        authorize_url: ENV['OAUTH_TANMER_AUTH_URL'] || '/oauth/authorize'
    }
end

Like docker-compose/kubernetes infrastructure, we set ENV['OAUTH_TANMER_SITE']='http://sso, then user frontend will redirect to http://sso/oauth/authorize， To fix this, we can define ENV['OAUTH_TANMER_AUTH_URL']='http://sso.my-site.com/oauth/authorize'

Features

Sync permissions:

current_permissions = [
  { name: '查看', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'show', description: '' },
  { name: '创建', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'create', description: '' },
  { name: '修改', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'update', description: '' },
  { name: '删除', group_name: '会员', subject_class: 'Member', subject_id: nil, action: 'destroy', description: '' },
]

client = Omniauth::Tanmer::Permission.new(ENV['OAUTH_TANMER_HOST'], ENV['OAUTH_TANMER_KEY'], ENV['OAUTH_TANMER_SECRET'])
client.sync(current_permissions)

This will sync permission definitions between local project and SSO.

Contributing

Fork it
Create your feature branch (git checkout -b my-new-feature)
Commit your changes (git commit -am 'Add some feature')
Push to the branch (git push origin my-new-feature)
Create new Pull Request