Comments (7)
Hey there thanks for the reply I've been away for the holidays and a cross country move. I picked it back up with fresh eyes this week but have not been having much progress. You are right about Devise putting them somewhere else (in my case request.env['omniauth.auth']
, but that's where I originally got the nil values from, not where populated values are sitting). I'll report back after further tracing.
from omniauth-auth0.
@khrome-cape - Sorry for the trouble here. We have not tested with Devise at all so can't guarantee that this configuration will work. That said, we're happy to make any changes needed to make that possible.
In the meantime ... your logs look fine, that's what they look like on my end with a successful authentication. You configuration generally looks fine, I don't think either of the additional options there would have an effect on the auth data that's being compiled.
There is a newer version of this gem that you could try. That updates an underlying omniauth-oauth2
dependency which might make a difference.
Have you tried examining what you have in session
once you've been authenticated? In my test app, I use session[:userinfo]
, which gives me the data structure outlined here. I wonder if Devise is just putting it somewhere else?
Lastly, can you test authentication with just OmniAuth by itself, outside of Devise? That would narrow the troubleshooting scope a bit.
from omniauth-auth0.
So I was able to get much closer to a working solution (a mixture of timing, scope changes and payload placement), but am still not receiving the email field (using the same scope & application credentials I do get this in node.js/passport ). Any ideas as to what could be going wrong?
from omniauth-auth0.
Glad to hear!
In authorize_params.scope
you'll need to include email
in there as well. The scope is the scope, it does not make a difference what language/platform you're using to request it.
Also ... read:users
is not necessary there, that's not an OIDC scope.
from omniauth-auth0.
Awesome!
Not a dealbreaker, but it's curious I'm getting email without explicitly requesting it in node.js/passport. read:users
came from one of the "use at your own risk" Devise + Omniauth + Auth0 solutions floating around on the web.
The long and short is the 3 libraries do work together, but configuration/setup is tricky. I'll be producing documentation internally for this purpose... at some point I'll try to reformat that as a short setup tutorial. Thanks!
from omniauth-auth0.
it's curious I'm getting email without explicitly requesting it in node.js/passport
One of the tenants of OpenID is you don't get back any profile data that you didn't explicitly ask for. It might be added later on in the process somewhere? Or maybe you asked for profile
and the email address comes back as the name
? The profile
scope sends back this:
{
"sub": "auth0|1234567890",
"nickname": "josh.cunningham",
"name": "[email protected]",
"picture": "https://s.gravatar.com/avatar/ae098a33ae2acd0fd647f48749f8630c?s=480&r=pg&d=https%3A%2F%2Fcdn.auth0.com%2Favatars%2Fjo.png",
"updated_at": "2019-01-16T18:32:43.760Z"
}
You can see the email address in there but it's for the name
attribute.
If you're able to provide the configuration information for using this library with Devise, we'd greatly appreciate it! It's a question that comes up now and again so it would be nice to have some documentation on it. Happy to test it on my end as well.
from omniauth-auth0.
I am having the same response as you @joshcanhelp @khrome-cape could is this normal?
from omniauth-auth0.
Related Issues (20)
- IdP initiated session fails to verify HOT 2
- Specifying callback_uri HOT 1
- Ruby in Rails – Redirect to Login HOT 1
- Unable to configure New Universal Login with prompt config HOT 2
- OmniAuth v2.0.0rc1 HOT 3
- Consider mentioning that Turbo should be disabled for login links HOT 3
- How do I logout a user from my client app once his auth0 session has expired? HOT 3
- Scopes not being added to token? HOT 2
- Auth0 Login Button does nothing in Rails 7 unless Turbo is disabled HOT 2
- Redirect to login page from GET request HOT 4
- Rails.application.config_for(:auth0) returns nil HOT 1
- TypeError: incompatible marshal file format (can't be read) format version 4.8 required; 216.25 given HOT 11
- Authentication failure! Signature verification raised: JWT::VerificationError
- Upgraded to omniauth-auth0 3.1.0 but got errors HOT 2
- Improve JWTValidator to also validate access tokens HOT 3
- the auth object does not provides the permissions data and the aud is the client id instead of the audience HOT 1
- Returned Twitter nickname is not same as user's actual Twitter handle HOT 1
- undefined method `split' for nil:NilClass HOT 2
- Redirect to signup HOT 15
- Intermittent CSRF Detected HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from omniauth-auth0.