auth0-samples / auth0-rubyonrails-sample Goto Github PK
View Code? Open in Web Editor NEWAuth0 Integration Samples for Ruby on Rails Web Applications
Home Page: https://auth0.com/docs/quickstart/webapp/rails
License: MIT License
Auth0 Integration Samples for Ruby on Rails Web Applications
Home Page: https://auth0.com/docs/quickstart/webapp/rails
License: MIT License
Hi
I have been following the tutorial for using Auth0 with Rails here https://auth0.com/docs/quickstart/webapp/rails/01-login
The issue I have is that most Rails applications (and ours is one of them) , if I hit a URL that needs a login, it will redirect me to the login screen, and then upon successful authentication continue on it’s merry journey.
I haven’t found anything in the documentation about how to do that redirect?
I have had to construct a URL myself … that seems to work … but it’s been a bit of trial and error and I would have thought that there was a better Rails way.
state = SecureRandom.hex
session['omniauth.state'] = state
callback_url = auth_auth0_callback_url
url = "https://#{ApplicationConfig::Auth0::DOMAIN}/authorize?response_type=code&client_id=#{ApplicationConfig::Auth0::CLIENT_ID}&redirect_uri=#{callback_url}&state=#{state}&scope=openid profile email"
So is there a better way of doing this?
Cheers
Shane
Auth0 is fantastic. I’ve worked on a few Rails implementations. Life would have been much easier if these services were around.
I see Devise listed. Hoping evangelists at Auth0 would find interest in setting up some templates here 👍
Hello. We're attempting to redirect users to the auth0 login page without a button press. Is this what the redirect
route is meant to accomplish? If so, the action seems to be left out of the sample controller.
A similar question was asked in #43, but it's still not clear how to capture the login URL manually.
i run: docker run -p 3000:3000 auth0-rubyonrails-01
that gives me:
No such file or directory
Hi I've got an error while I was running exec.sh on each examples.
Here is an error on 01_Login.
./exec.sh
Sending build context to Docker daemon 368.1kB
Step 1/10 : FROM ruby:2.7.1
---> 958d3491c09a
Step 2/10 : RUN apt-get update -qq && apt-get install -y build-essential libpq-dev nodejs
---> Using cache
---> 88220990be20
Step 3/10 : RUN mkdir /myapp
---> Using cache
---> 65ece683c8f3
Step 4/10 : WORKDIR /myapp
---> Using cache
---> bec1c20f524f
Step 5/10 : ADD Gemfile /myapp/Gemfile
---> Using cache
---> 24dfd1b7ce58
Step 6/10 : ENV BUNDLER_VERSION 2.1.4
---> Using cache
---> 15eac53f84b3
Step 7/10 : RUN gem install bundler -v ${BUNDLER_VERSION} && bundle install --jobs 20 --retry 5
---> Using cache
---> fe46475a8f73
Step 8/10 : ADD . /myapp
---> Using cache
---> 80b433646440
Step 9/10 : CMD /myapp/bin/rails s -b 0.0.0.0
---> Using cache
---> c8e49dae18dc
Step 10/10 : EXPOSE 3000
---> Using cache
---> 7b49ac976470
Successfully built 7b49ac976470
Successfully tagged auth0-rubyonrails-01:latest
Could not find concurrent-ruby-1.1.6 in any of the sources
Runbundle install
to install missing gems.
It's because Gemfile.lock has updated after bundle install
and it's not in .dockerignore.
https://github.com/auth0-samples/auth0-rubyonrails-sample/blob/master/01-Login/Dockerfile#L8
Sample using outdated version omniauth-auth0
v1.4.1 (up-to-date version is 2.0.0) and auth0-lock v10.0 (up-to-date version is 10.10). (AUTH-3758)
gem 'omniauth-rails_csrf_protection', '~> 0.1' needed to be updated to 1.0 in order to work again, else I got token errors.
I'm guessing that since you protect the dashboard page with "Secured" module, now if you try to get to the dashboard page it gets the redirected status. I'm wondering how to do the tests for this new behavior?
pg 0.18.4
with native extensions fails:
Gem::Ext::BuildError: ERROR: Failed to build gem native extension.
current directory: /private/var/folders/7k/fr4d2p4j1gx4gq4dfn86c_180000gn/T/bundler20160729-21579-1vr8vzepg-0.18.4/gems/pg-0.18.4/ext
/usr/local/opt/ruby/bin/ruby -r ./siteconf20160729-21579-93c7ua.rb extconf.rb
checking for pg_config... no
No pg_config... trying anyway. If building fails, please try again with
--with-pg-config=/path/to/pg_config
checking for libpq-fe.h... no
Can't find the 'libpq-fe.h header
*** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers. Check the mkmf.log file for more details. You may
need configuration options.
Provided configuration options:
--with-opt-dir
--with-opt-include
--without-opt-include=${opt-dir}/include
--with-opt-lib
--without-opt-lib=${opt-dir}/lib
--with-make-prog
--without-make-prog
--srcdir=.
--curdir
--ruby=/usr/local/Cellar/ruby/2.3.0/bin/$(RUBY_BASE_NAME)
--with-pg
--without-pg
--enable-windows-cross
--disable-windows-cross
--with-pg-config
--without-pg-config
--with-pg_config
--without-pg_config
--with-pg-dir
--without-pg-dir
--with-pg-include
--without-pg-include=${pg-dir}/include
--with-pg-lib
--without-pg-lib=${pg-dir}/lib
To see why this extension failed to compile, please check the mkmf.log which can be found here:
/var/folders/7k/fr4d2p4j1gx4gq4dfn86c_180000gn/T/bundler20160729-21579-1vr8vzepg-0.18.4/extensions/x86_64-darwin-15/2.3.0/pg-0.18.4/mkmf.log
extconf failed, exit code 1
Gem files will remain installed in /var/folders/7k/fr4d2p4j1gx4gq4dfn86c_180000gn/T/bundler20160729-21579-1vr8vzepg-0.18.4/gems/pg-0.18.4 for inspection.
Results logged to /var/folders/7k/fr4d2p4j1gx4gq4dfn86c_180000gn/T/bundler20160729-21579-1vr8vzepg-0.18.4/extensions/x86_64-darwin-15/2.3.0/pg-0.18.4/gem_make.out
Thank you for the great example!
I have one error.
Gem::LoadError: Specified 'sqlite3' for database adapter, but the gem is not loaded
add sqlite3 version for Gemfile
gem 'sqlite3', '~> 1.3.13'
I'm glad if you can use it as a reference.
Hi there, I'm trying to get this sample working for Rails 6.
I can authenticate via Auth0 and the callback is invoked with a payload, but the Rails session isn't updating:
session[:userinfo] = request.env['omniauth.auth']
is executed, but when the browser gets redirected, there's no session.
I've been looking at the PR from @davidpatrick, but no idea if this behaviour is expected or not.
Any ideas? Thanks.
i want to do this:
provider( :auth0, ENV['AUTH0_FRONTEND_CLIENT_ID'], ENV['AUTH0_FRONTEND_SECRET'], ENV['AUTH0_DOMAIN'], callback_path: "/:tenant/auth/auth0/callback", )
is possible?
Hello,
after following this tutorial, I am getting a verification error, at the step where callback url is requested. I already opened an issue under omniauth-auth0 gem but in case you may have an idea what's going on?
Simply what I am doing is, I have an initializer file for Auth0 config, and I have a link with href '/auth/auth0'. That's it. When I click the button, it makes a post request which has 302 respond. Then it makes the '/authorize' call and again a response with 302. Finally when it makes '/callback' request I am getting a verification error, where the log trace is:
jwt (2.7.0) lib/jwt/decode.rb:49:in `verify_signature'
jwt (2.7.0) lib/jwt/decode.rb:30:in `decode_segments'
jwt (2.7.0) lib/jwt.rb:29:in `decode'
omniauth-auth0 (3.1.0) lib/omniauth/auth0/jwt_validator.rb:52:in `decode'
omniauth-auth0 (3.1.0) lib/omniauth/strategies/auth0.rb:140:in `raw_info'
omniauth-auth0 (3.1.0) lib/omniauth/strategies/auth0.rb:69:in `block in <class:Auth0>'
omniauth (2.1.1) lib/omniauth/strategy.rb:109:in `instance_eval'
omniauth (2.1.1) lib/omniauth/strategy.rb:109:in `block in compile_stack'
omniauth (2.1.1) lib/omniauth/strategy.rb:108:in `each'
omniauth (2.1.1) lib/omniauth/strategy.rb:108:in `inject'
omniauth (2.1.1) lib/omniauth/strategy.rb:108:in `compile_stack'
omniauth (2.1.1) lib/omniauth/strategy.rb:102:in `extra_stack'
omniauth (2.1.1) lib/omniauth/strategy.rb:387:in `extra'
omniauth (2.1.1) lib/omniauth/strategy.rb:392:in `auth_hash'
omniauth (2.1.1) lib/omniauth/strategy.rb:417:in `callback_phase'
omniauth-oauth2 (1.8.0) lib/omniauth/strategies/oauth2.rb:93:in `callback_phase'
omniauth-auth0 (3.1.0) lib/omniauth/strategies/auth0.rb:125:in `callback_phase'
omniauth (2.1.1) lib/omniauth/strategy.rb:272:in `callback_call'
omniauth (2.1.1) lib/omniauth/strategy.rb:194:in `call!'
omniauth (2.1.1) lib/omniauth/strategy.rb:169:in `call'
omniauth (2.1.1) lib/omniauth/builder.rb:44:in `call'
rack (2.2.6.4) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.6.4) lib/rack/etag.rb:27:in `call'
rack (2.2.6.4) lib/rack/conditional_get.rb:27:in `call'
rack (2.2.6.4) lib/rack/head.rb:12:in `call'
actionpack (6.1.7.3) lib/action_dispatch/http/permissions_policy.rb:22:in `call'
actionpack (6.1.7.3) lib/action_dispatch/http/content_security_policy.rb:19:in `call'
rack (2.2.6.4) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.6.4) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/cookies.rb:697:in `call'
activerecord (6.1.7.3) lib/active_record/migration.rb:601:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (6.1.7.3) lib/active_support/callbacks.rb:98:in `run_callbacks'
actionpack (6.1.7.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
web-console (4.2.0) lib/web_console/middleware.rb:132:in `call_app'
web-console (4.2.0) lib/web_console/middleware.rb:28:in `block in call'
web-console (4.2.0) lib/web_console/middleware.rb:17:in `catch'
web-console (4.2.0) lib/web_console/middleware.rb:17:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
railties (6.1.7.3) lib/rails/rack/logger.rb:37:in `call_app'
railties (6.1.7.3) lib/rails/rack/logger.rb:26:in `block in call'
activesupport (6.1.7.3) lib/active_support/tagged_logging.rb:99:in `block in tagged'
activesupport (6.1.7.3) lib/active_support/tagged_logging.rb:37:in `tagged'
activesupport (6.1.7.3) lib/active_support/tagged_logging.rb:99:in `tagged'
railties (6.1.7.3) lib/rails/rack/logger.rb:26:in `call'
sprockets-rails (3.4.2) lib/sprockets/rails/quiet_assets.rb:13:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/request_id.rb:26:in `call'
rack (2.2.6.4) lib/rack/method_override.rb:24:in `call'
rack (2.2.6.4) lib/rack/runtime.rb:22:in `call'
activesupport (6.1.7.3) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/static.rb:24:in `call'
rack (2.2.6.4) lib/rack/sendfile.rb:110:in `call'
actionpack (6.1.7.3) lib/action_dispatch/middleware/host_authorization.rb:148:in `call'
rack-mini-profiler (2.3.4) lib/mini_profiler/profiler.rb:393:in `call'
webpacker (5.4.4) lib/webpacker/dev_server_proxy.rb:25:in `perform_request'
rack-proxy (0.7.6) lib/rack/proxy.rb:87:in `call'
railties (6.1.7.3) lib/rails/engine.rb:539:in `call'
puma (5.6.5) lib/puma/configuration.rb:252:in `call'
puma (5.6.5) lib/puma/request.rb:77:in `block in handle_request'
puma (5.6.5) lib/puma/thread_pool.rb:340:in `with_force_shutdown'
puma (5.6.5) lib/puma/request.rb:76:in `handle_request'
puma (5.6.5) lib/puma/server.rb:443:in `process_client'
puma (5.6.5) lib/puma/thread_pool.rb:147:in `block in spawn_thread'
Until this point, I haven't sent any user credentials (email/password) to sign in, I wonder which token signature is unverified?
Jumps directly to 4
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.