Valid Login, No Details: email=nil image=nil name="github|38257089" nickname=nil about omniauth-auth0 HOT 7 CLOSED

Hey there thanks for the reply I've been away for the holidays and a cross country move. I picked it back up with fresh eyes this week but have not been having much progress. You are right about Devise putting them somewhere else (in my case request.env['omniauth.auth'], but that's where I originally got the nil values from, not where populated values are sitting). I'll report back after further tracing.

from omniauth-auth0.

@khrome-cape - Sorry for the trouble here. We have not tested with Devise at all so can't guarantee that this configuration will work. That said, we're happy to make any changes needed to make that possible.

In the meantime ... your logs look fine, that's what they look like on my end with a successful authentication. You configuration generally looks fine, I don't think either of the additional options there would have an effect on the auth data that's being compiled.

There is a newer version of this gem that you could try. That updates an underlying omniauth-oauth2 dependency which might make a difference.

Have you tried examining what you have in session once you've been authenticated? In my test app, I use session[:userinfo], which gives me the data structure outlined here. I wonder if Devise is just putting it somewhere else?

Lastly, can you test authentication with just OmniAuth by itself, outside of Devise? That would narrow the troubleshooting scope a bit.

from omniauth-auth0.

So I was able to get much closer to a working solution (a mixture of timing, scope changes and payload placement), but am still not receiving the email field (using the same scope & application credentials I do get this in node.js/passport ). Any ideas as to what could be going wrong?

from omniauth-auth0.

Glad to hear!

In authorize_params.scope you'll need to include email in there as well. The scope is the scope, it does not make a difference what language/platform you're using to request it.

Also ... read:users is not necessary there, that's not an OIDC scope.

from omniauth-auth0.

Awesome!

Not a dealbreaker, but it's curious I'm getting email without explicitly requesting it in node.js/passport. read:users came from one of the "use at your own risk" Devise + Omniauth + Auth0 solutions floating around on the web.

The long and short is the 3 libraries do work together, but configuration/setup is tricky. I'll be producing documentation internally for this purpose... at some point I'll try to reformat that as a short setup tutorial. Thanks!

from omniauth-auth0.

it's curious I'm getting email without explicitly requesting it in node.js/passport

One of the tenants of OpenID is you don't get back any profile data that you didn't explicitly ask for. It might be added later on in the process somewhere? Or maybe you asked for profile and the email address comes back as the name? The profile scope sends back this:

{
    "sub": "auth0|1234567890",
    "nickname": "josh.cunningham",
    "name": "[email protected]",
    "picture": "https://s.gravatar.com/avatar/ae098a33ae2acd0fd647f48749f8630c?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fjo.png",
    "updated_at": "2019-01-16T18:32:43.760Z"
}

You can see the email address in there but it's for the name attribute.

If you're able to provide the configuration information for using this library with Devise, we'd greatly appreciate it! It's a question that comes up now and again so it would be nice to have some documentation on it. Happy to test it on my end as well.

from omniauth-auth0.

I am having the same response as you @joshcanhelp @khrome-cape could is this normal?

from omniauth-auth0.