Auth0 in Rails with devise has nil in the request.env['omniauth.auth']

I'm setting up a rails app that has Active Admin using devise and I'm trying to add an OmniAuth authentication using Auth0.

I've installed the gem 'omniauth-auth0', '~> 2.2'.

I've added the callback controller and routes.

I've added the middleware initializer (note that the AUTH_CLIENT_SECRET is null)

# config/initializers/auth0.rb
Rails.application.config.middleware.use OmniAuth::Builder do
  provider(
    :auth0,
    ENV.fetch('AUTH0_CLIENT_ID'),
    ENV.fetch('AUTH0_CLIENT_SECRET'),
    ENV.fetch('AUTH0_DOMAIN'),
    callback_path: '/auth/auth0/callback'
  )
end

My devise initializer has nothing related to OAuth.

The view has the code:

<div class="oauth hidden">
  <div id="root" style="width: 320px; margin: 40px auto; padding: 10px; border-style: dashed; border-width: 1px; box-sizing: border-box;">
    embedded area
  </div>
  <script src="https://cdn.auth0.com/js/lock/10.2/lock.min.js"></script>
  <script>
    var lock = new Auth0Lock(
      '<%= ENV.fetch('AUTH0_CLIENT_ID') %>',
      '<%= ENV.fetch('AUTH0_DOMAIN') %>', {
        container: 'root',
        auth: {
          redirectUrl: '<%=ENV.fetch('AUTH0_CALLBACK_URL') %>',
          responseType: 'code',
          params: {
            scope: 'openid profile email' // Learn about scopes: https://auth0.com/docs/scopes
          }
        }
      });
    lock.show();
  </script>
</div>

And the controller has:

module Api
  class Auth0Controller < ApplicationController
    def callback
      # This stores all the user information that came from Auth0
      # and the IdP
      session[:userinfo] = request.env['omniauth.auth']

      # Redirect to the URL you want after successful auth
      redirect_to admin_dashboard_url
    end

    def failure
      # show a failure page or redirect to an error page
      @error_msg = request.params['message']
    end
  end
end

Now, it seems like the middleware is not working as it should. The callback from the Auth0 server has a URL parameter like this: code=XXXXXXXXXXXX, and in the callback action the value of request.env['omniauth.auth'] is nil.

What am I doing wrong?

I've found the problems:

  1. The routes were inside scopes, so the callback path defined in config/initializers/auth0.rb should account for that, like: /api/auth/auth0/callback.
  2. The admin_user model was omniauthable and it was overriding the routes defined for the callbacks.
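
Why the first problem yields nil rather than an error, as an added example that is not part of the original post and not OmniAuth's own code: ModelStrategy is a hypothetical, simplified stand-in for an OmniAuth strategy, which runs its callback phase (and sets env['omniauth.auth']) only when the request path equals the configured callback_path. The auth hash and uid are constructed.

```ruby
# Simplified model (an assumption, not OmniAuth's source) of how a strategy
# decides whether to run its callback phase for an incoming Rack request.
class ModelStrategy
  def initialize(app, callback_path:)
    @app = app
    @callback_path = callback_path
  end

  def call(env)
    # The callback phase runs only when the request path equals callback_path.
    if env['PATH_INFO'].casecmp?(@callback_path)
      # Constructed stand-in for the auth hash built after the code exchange.
      env['omniauth.auth'] = { 'provider' => 'auth0', 'uid' => 'constructed|123' }
    end
    @app.call(env) # any other path is passed through untouched
  end
end

# Stand-in for Api::Auth0Controller#callback, routed inside the /api scope.
CALLBACK_ACTION = lambda do |env|
  auth = env['omniauth.auth']
  [auth ? 302 : 500, {}, [auth.inspect]]
end

# Status the callback action returns for a given middleware configuration.
def callback_status(configured_path, request_path)
  stack = ModelStrategy.new(CALLBACK_ACTION, callback_path: configured_path)
  env = { 'PATH_INFO' => request_path, 'QUERY_STRING' => 'code=XXXXXXXXXXXX' }
  stack.call(env).first
end

# True when env['omniauth.auth'] reached the action.
def auth_hash_present?(configured_path, request_path)
  callback_status(configured_path, request_path) == 302
end

if __FILE__ == $PROGRAM_NAME
  routed = '/api/auth/auth0/callback' # where the scoped route actually lives
  ['/auth/auth0/callback', routed].each do |configured|
    puts "callback_path=#{configured} -> auth hash present: " \
         "#{auth_hash_present?(configured, routed)}"
  end
end
```

With the unscoped callback_path the request still reaches the controller with its code parameter, but nothing has exchanged that code, so the action sees nil.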
