Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configuration with Devise #5

Closed
im-mattbrown opened this issue Apr 25, 2017 · 6 comments
Closed

Configuration with Devise #5

im-mattbrown opened this issue Apr 25, 2017 · 6 comments

Comments

@im-mattbrown
Copy link

im-mattbrown commented Apr 25, 2017

Is there a working example of omniauth-multi-provider being configured with Devise? I already have config.omniauth for other providers in initializers/devise.rb which adds omniauth middleware that would clash with the way this setup has the configuration in initializers/omniauth.rb. Based on working examples for other omniauth providers as well the configuration described here I would expect something like:

config.omniauth :multi_provider,
provider_name: :saml,
identity_provider_id_regex: /\d+/,
path_prefix: 'users/auth/saml',
name_identifier_format: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
issuer: issuer_url,
allowed_clock_drift: 5.seconds do |identity_provider_id, rack_env|
identity_provider = SAML::IdentityProvider.find(identity_provider_id)
rack_env['salsify.saml_identity_provider'] = identity_provider
identity_provider.options
end

This results in an error: Devise::OmniAuth::StrategyNotFound: Could not find a strategy with name MultiProvider. Please ensure it is required or explicitly set it using the :strategy_class option.

:multi_provider is included in devise :omniauthable, omniauth_providers[] in user model. Anyone know of a solution?

@jturkel
Copy link
Member

jturkel commented Apr 26, 2017

We have a project that uses a combination of Devise for native user auth, Google Omniauth and multi-provider SAML Omniauth. We don't configure omniauth via Devise but rather via a separate omniauth initializer that looks something like:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, Rails.configuration.google_oauth_client_id, Rails.configuration.google_oauth_client_secret,
           path_prefix: '/superusers/auth'

  uuid_regex = /[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/
  OmniAuth::MultiProvider.register(self,
                                   provider_name: :saml,
                                   name_identifier_format: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
                                   path_prefix: '/users/auth/saml',
                                   issuer: 'salsify.com',
                                   allowed_clock_drift: 5.seconds,
                                   identity_provider_id_regex: uuid_regex) do |identity_provider_uuid, rack_env|
    identity_provider = Security::ExternalIdentityProvider.enabled.find!(identity_provider_uuid)
    identity_provider.provider_options
  end
end

@im-mattbrown
Copy link
Author

Ok. I think I am having the same problem as issue #4 with that though. When you say "Try updating the routes to include the metadata/SLO routes and pass the appropriate metadata/SLO options to OmniAuth::MultiProvider.register" I am not sure what that would look like. The metadata route for me (because of devise integration) would be http://example.com/users/auth/saml/metadata but I get that same Not found. Authentication passthru. error. I have included the patch module you recommend in issue #4 but still find the same error. What would the metadata option look like in OmniAuth::MultiProvider.register? Thanks for the help by the way.

@sbauch
Copy link

sbauch commented Jan 20, 2021

if you're getting the Not found. Authentication passthru. text, that suggests that the middleware is not being used. That's what the super-class OmniauthCallbacksController from Devise does if it isn't patched - https://github.com/heartcombo/devise/blob/master/app/controllers/devise/omniauth_callbacks_controller.rb#L6:L8

I think the README example is a little off? Sticking that middleware in config/omniauth.rb I don't think puts the file in the Rails load path. Try moving that file to config/initializers/omniauth.rb

@joshIsCoding
Copy link

@sbauch Moving the config to initializers as you suggested made all the difference for me in fixing our devise - multi-provider integration. Thanks a lot!

@jturkel
Copy link
Member

jturkel commented May 10, 2021

Great catch @sbauch! The README has been fixed in 70d864b.

@jturkel jturkel closed this as completed May 10, 2021
@leesmith
Copy link

I just opened an issue that deals with devise. I'm getting a 404 error on the callback assertion. Is there something I'm missing in the routes you're supposed to create with this gem to get it to point to the devise omniauth controller? Seems like I'm so close.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants