I have managed to get up and running with the Rails QS sample application and used my relevant application's client id/secret/callback URLs and all has worked OK. I am now in the process of trying to integrate this with an existing Rails application that is using Devise & has a pre-existing omniauth configuration for Slack. I was unable to run this with the dedicated omniauth-auth0 gem as my routes.rb has a predefined callbacks_controller: `devise_for :users, class_name: 'User', controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }`
I have instead extended the existing config/initializers/omniauth.rb file to include my details like below:
```ruby
# frozen_string_literal: true

Devise.setup do |config|
  config.omniauth :slack,
                  Setting.slack_client_id,
                  Setting.slack_client_secret,
                  scope: 'channels:read,chat:write:bot,incoming-webhook',
                  provider_ignores_state: true,
                  client_options: {
                    site: 'https://slack.com',
                    authorize_url: '/oauth/authorize',
                    token_url: '/api/oauth.access',
                    auth_scheme: :basic_auth,
                    raise_errors: true,
                    history: []
                  }
  config.omniauth :auth0,
                  Setting.auth0_client_id,
                  Setting.auth0_client_secret,
                  Setting.auth0_domain,
                  scope: 'openid profile email'
end

OmniAuth.config.allowed_request_methods = %i[post get]
```
And set up the routes and concern to match the QS setup so that users can only access the /dashboard endpoint when the user has successfully authenticated.
So far my application is successfully redirecting users to my Auth0 tenant to log in, but is continuously stuck in some form of redirect when it comes to accessing the dashboard URL after successfully authenticating.
As I couldn't use the omniauth-auth0 initialiser I had to instead extend the OmniauthCallbacksController with the below:
controllers/users/omniauth_callbacks_controller.rb

```ruby
def auth0
  if omniauth_request.nil?
    flash[:error] = I18n.t('errors.authentication_failed')
    redirect_to new_user_session_path
    return
  end
  auth0_authenticate
  redirect_to '/dashboard'
end

def auth0_authenticate
  auth_info = request.env['omniauth.auth']
  Rails.logger.debug { "Auth Info: #{auth_info.inspect}" }
  session[:userinfo] = auth_info['extra']['raw_info']
  Rails.logger.debug { "Session Userinfo: #{session[:userinfo].inspect}" }
end
```
This appears to work, however I am uncertain if my issue is either:
- The session data is not persisting when moving to the dashboard controller (as in my callbacks it seems to log the session data successfully).
- Something is incorrect with my omniauth configuration, possibly I need additional callback details included within the omniauth_callbacks_controller?
Any help or references appreciated.
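
Added example, not part of the original post: a plain-Ruby check related to the first hypothesis above. It assumes the app uses Rails' default cookie session store (4096-byte cap), trims `extra.raw_info` to an allow-list before it would go into `session[:userinfo]`, and masks the `credentials` values that `auth_info.inspect` would otherwise write to the debug log. The claim allow-list, helper names and sample hash are constructed for illustration.

```ruby
require 'json'

# Assumption: Rails' default cookie session store is in use; a cookie may
# not exceed 4096 bytes (ActionDispatch::Cookies::MAX_COOKIE_SIZE).
COOKIE_LIMIT = 4096
SESSION_CLAIMS = %w[sub name email].freeze             # hypothetical allow-list
SECRET_KEYS = %w[token id_token refresh_token].freeze  # credential fields to mask

# Keep only the allow-listed claims from extra.raw_info for the session.
def session_userinfo(auth)
  raw = auth.dig('extra', 'raw_info') || {}
  raw.slice(*SESSION_CLAIMS)
end

# Deep copy of the auth hash that is safe to log: credential values are masked.
def loggable(auth)
  copy = JSON.parse(JSON.generate(auth))
  (copy['credentials'] || {}).each_key do |key|
    copy['credentials'][key] = '[FILTERED]' if SECRET_KEYS.include?(key)
  end
  copy
end

# Lower bound only: the real cookie grows further after encryption and Base64.
def fits_cookie?(payload)
  JSON.generate(payload).bytesize < COOKIE_LIMIT
end

# Constructed sample shaped like an OmniAuth auth hash; every value is made up.
SAMPLE_AUTH = {
  'provider' => 'auth0',
  'uid' => 'auth0|constructed-user-id',
  'credentials' => {
    'token' => 'constructed-access-token',
    'id_token' => 'x' * 1500,
    'expires' => true
  },
  'extra' => { 'raw_info' => {
    'sub' => 'auth0|constructed-user-id',
    'name' => 'Example User',
    'email' => 'user@example.com',
    'picture' => 'https://example.com/a.png',
    'https://example.com/roles' => Array.new(400) { |i| "role-#{i}" }
  } }
}.freeze
```

In the callback, the equivalent calls would be `session[:userinfo] = session_userinfo(auth_info)` and `Rails.logger.debug { loggable(auth_info).inspect }`.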