This is the official OmniAuth strategy for authenticating to Auth0.
Add to your Gemfile
:
gem 'omniauth-auth0'
Then bundle install
.
Rails.application.config.middleware.use OmniAuth::Builder do
provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
Then to redirect to your tenant's hosted login page:
redirect_to '/auth/auth0'
use OmniAuth::Builder do
provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
Then to redirect to your tenant's hosted login page:
redirect to('/auth/auth0')
You can customize your hosted login page in your Auth0 Dashboard
To send additional parameters during login you can specify them when you register the provider
provider
:auth0,
ENV['AUTH0_CLIENT_ID'],
ENV['AUTH0_CLIENT_SECRET'],
ENV['AUTH0_DOMAIN'],
{
authorize_params: {
scope: 'openid read:users write:order',
audience: 'https://mydomain/api'
}
}
that will tell it to send those parameters on every Auth request.
Or you can do it for a specific Auth request by adding them in the query parameter of the redirect url:
redirect_to '/auth/auth0?connection=google-oauth2'
Auth0 strategy will have the standard OmniAuth hash attributes:
- provider: the name of the strategy, in this case
auth0
- uid: the user identifier
- info: the result of the call to /userinfo using OmniAuth standard attributes
- credentials: Auth0 tokens, at least will have an access_token but can eventually have refresh_token and/or id_token
- extra: Additional info obtained from calling /userinfo in the attribute
raw_info
{
:provider => 'auth0',
:uid => 'google-oauth2|this-is-the-google-id',
:info => {
:name => 'John Foo',
:email => '[email protected]',
:nickname => 'john',
:image => 'https://example.org/john.jpg'
},
:credentials => {
:token => 'XdDadllcas2134rdfdsI',
:expires_at => 1485373937,
:expires => true,
:refresh_token => 'aKNajdjfj123nBasd',
:id_token => 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBGb28ifQ.lxAiy1rqve8ZHQEQVehUlP1sommPHVJDhgPgFPnDosg',
:token_type => 'bearer',
},
:extra => {
:raw_info => {
:email => '[email protected]',
:email_verified => 'true',
:name => 'John Foo',
:picture => 'https://example.org/john.jpg',
:user_id => 'google-oauth2|this-is-the-google-id',
:nickname => 'john',
:created_at: '2014-07-15T17:19:50.387Z'
}
}
}
If you are getting this error it means that you are using Cookie sessions and since you are storing the whole profile it overflows the max-size of 4K.
You can change to use In-Memory store for development as follows:
# /config/initializers/session_store.rb
CrazyApp::Application.config.session_store :cache_store
# /config/environments/development.rb
config.cache_store = :memory_store
For more information about auth0 contact our documentation page.
If you have found a bug or if you have a feature request, please report them at this repository issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.
This project is licensed under the MIT license. See the LICENSE file for more info.