[英]Auth0 in Rails with devise has nil in the request.env['omniauth.auth']
I'm setting up a rails app that has Active Admin using devise and I'm trying to add an OmniAuth authentication using Auth0. 我正在使用devise设置具有Active Admin的Rails应用,并且试图使用Auth0添加OmniAuth身份验证。
I've installed the gem 'omniauth-auth0', '~> 2.2'
. 我已经安装了
gem 'omniauth-auth0', '~> 2.2'
。
I've added the callback controller and routes. 我添加了回调控制器和路由。
I've added the middleware initializer (note that the AUTH_CLIENT_SECRET
is null) 我添加了中间件初始化程序(请注意,
AUTH_CLIENT_SECRET
为空)
# config/initializers/auth0.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider(
:auth0,
ENV.fetch('AUTH0_CLIENT_ID'),
ENV.fetch('AUTH0_CLIENT_SECRET'),
ENV.fetch('AUTH0_DOMAIN'),
callback_path: '/auth/auth0/callback'
)
end
My devise initilizer has nothing related to OAuth. 我的装置初始化程序与OAuth没有任何关系。
The view has the code: 该视图具有以下代码:
<div class="oauth hidden">
<div id="root" style="width: 320px; margin: 40px auto; padding: 10px; border-style: dashed; border-width: 1px; box-sizing: border-box;">
embedded area
</div>
<script src="https://cdn.auth0.com/js/lock/10.2/lock.min.js"></script>
<script>
var lock = new Auth0Lock(
'<%= ENV.fetch('AUTH0_CLIENT_ID') %>',
'<%= ENV.fetch('AUTH0_DOMAIN') %>', {
container: 'root',
auth: {
redirectUrl: '<%=ENV.fetch('AUTH0_CALLBACK_URL') %>',
responseType: 'code',
params: {
scope: 'openid profile email' // Learn about scopes: https://auth0.com/docs/scopes
}
}
});
lock.show();
</script>
</div>
And the controller has: 控制器具有:
module Api
class Auth0Controller < ApplicationController
def callback
# This stores all the user information that came from Auth0
# and the IdP
session[:userinfo] = request.env['omniauth.auth']
# Redirect to the URL you want after successful auth
redirect_to admin_dashboard_url
end
def failure
# show a failure page or redirect to an error page
@error_msg = request.params['message']
end
end
end
Now, it seems like the middleware is not working as it should. 现在,似乎中间件无法正常工作。 The callback from the Auth0 server has a url parameter like this:
code=XXXXXXXXXXXX
and in the callback action and the value of request.env['omniauth.auth']
is nil. 来自Auth0服务器的回调具有类似url的参数:
code=XXXXXXXXXXXX
并且在回调操作中, request.env['omniauth.auth']
值为nil。
What am I doing wrong? 我究竟做错了什么?
I've found the problems: 我发现了问题:
config/initializers/auth0.rb
should account for that like: /api/auth/auth0/callback
. config/initializers/auth0.rb
,因此在config/initializers/auth0.rb
定义的回调路径应说明以下问题: /api/auth/auth0/callback
。 admin_user
model was omniauthable and it was overriding the routes defined for the callbacks. admin_user
模型是全能的,它覆盖了为回调定义的路由。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.