File: README.md

package info (click to toggle)
ruby-omniauth-auth0 2.0.0-1
  • links: PTS, VCS
  • area: main
  • in suites: bullseye, buster, sid
  • size: 144 kB
  • sloc: ruby: 397; makefile: 6
file content (143 lines) | stat: -rw-r--r-- 3,993 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
[![Build Status](https://travis-ci.org/auth0/omniauth-auth0.svg)](https://travis-ci.org/auth0/omniauth-auth0)

# OmniAuth Auth0

This is the official [OmniAuth](https://github.com/intridea/omniauth) strategy for authenticating to [Auth0](https://auth0.com).

## Installing

Add to your `Gemfile`:

```ruby
gem 'omniauth-auth0'
```

Then `bundle install`.

## Usage

### Rails

```ruby
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
```

Then to redirect to your tenant's hosted login page:

```ruby
redirect_to '/auth/auth0'
```

### Sinatra

```ruby
use OmniAuth::Builder do
  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
```

Then to redirect to your tenant's hosted login page:

```ruby
redirect to('/auth/auth0')
```

> You can customize your hosted login page in your [Auth0 Dashboard](https://manage.auth0.com/#/login_page)

### Auth parameters

To send additional parameters during login you can specify them when you register the provider

```ruby
provider 
  :auth0,
  ENV['AUTH0_CLIENT_ID'],
  ENV['AUTH0_CLIENT_SECRET'],
  ENV['AUTH0_DOMAIN'],
  {
    authorize_params: {
      scope: 'openid read:users write:order',
      audience: 'https://mydomain/api'
    }
  }
```

that will tell it to send those parameters on every Auth request.

Or you can do it for a specific Auth request by adding them in the query parameter of the redirect url:

```ruby
redirect_to '/auth/auth0?connection=google-oauth2'
```

### Auth Hash

Auth0 strategy will have the standard OmniAuth hash attributes:

- provider: the name of the strategy, in this case `auth0`
- uid: the user identifier
- info: the result of the call to /userinfo using OmniAuth standard attributes
- credentials: Auth0 tokens, at least will have an access_token but can eventually have refresh_token and/or id_token
- extra: Additional info obtained from calling /userinfo in the attribute `raw_info`

```ruby
	{
	  :provider => 'auth0',
	  :uid => 'google-oauth2|this-is-the-google-id',
	  :info => {
	    :name => 'John Foo',
	    :email => 'johnfoo@example.org',
	    :nickname => 'john',
	    :image => 'https://example.org/john.jpg'
	  },
	  :credentials => {
	    :token => 'XdDadllcas2134rdfdsI',
	    :expires_at => 1485373937,
        :expires => true,
        :refresh_token => 'aKNajdjfj123nBasd',
	    :id_token => 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBGb28ifQ.lxAiy1rqve8ZHQEQVehUlP1sommPHVJDhgPgFPnDosg',
	    :token_type => 'bearer',
	  },
	  :extra => {
	    :raw_info => {
	      :email => 'johnfoo@example.org',
	      :email_verified => 'true',
	      :name => 'John Foo',
	      :picture => 'https://example.org/john.jpg',
	      :user_id => 'google-oauth2|this-is-the-google-id',
	      :nickname => 'john',
	      :created_at: '2014-07-15T17:19:50.387Z'
	    }
	  }
	}
```

### ActionDispatch::Cookies::CookieOverflow issue

If you are getting this error it means that you are using Cookie sessions and since you are storing the whole profile it overflows the max-size of 4K.

You can change to use In-Memory store for development as follows:

	# /config/initializers/session_store.rb
	CrazyApp::Application.config.session_store :cache_store

	# /config/environments/development.rb
	config.cache_store = :memory_store

## Documentation

For more information about [auth0](http://auth0.com) contact our [documentation page](http://docs.auth0.com/).

## Issue Reporting

If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.

## Author

[Auth0](https://auth0.com)

## License

This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.