Comments (4)
Is something like the warden-doorkeeper gem the best solution to begin integrating these, or can it be more simply done?
I'm not familiar with this gem but it looks to be just a bit of glue around Doorkeeper.
Setting this up basically involves these steps:
- Setup
devise
or another form of authentication - Setup
doorkeeper
, optionally in combination withwarden-doorkeeper
- Setup
doorkeeper-openid_connect
- Create one or more Doorkeeper applications with the
openid
scope included, and configure your clients with them
Is it possible to use existing session state if the user is already logged in?
Hmm neither Doorkeeper or this extension deals directly with sessions, it's basically just an authentication API and any handling of session state will happen in your client application ("Relying Party" in OIC terms).
Maybe I misunderstood, could you elaborate on what the client side looks like?
Which part of this is responsible for rendering the view wherein the user (post-authentication) is presented with the requested scopes/claims and accepts or rejects the authorization request?
That's Doorkeeper, see Customizing views and this caveat for nonces.
Finally, is a migration on the user to store some sort of subject identifier required or is there a property on the user object provided by doorkeeper already that can be coopted into this role?
No, you have to define how to get the identifier with the subject
callback, see README
Thank you very much!
You're welcome! I tweaked the README a bit, let me know which parts are still unclear.
Doorkeeper also has an extensive wiki) and example applications.
from doorkeeper-openid_connect.
Great, thanks. I'll take a look and come back with clarifications/questions. Great to see some support for this gem, much appreciated!
from doorkeeper-openid_connect.
[Edit: Nevermind, was using webfinger instead of openid-configuration]
from doorkeeper-openid_connect.
@malacalypse gotcha :)
Just for reference, the routes added by this gem are described in the README, and I just added a link to the Doorkeeper wiki for details on how to customize them.
from doorkeeper-openid_connect.
Related Issues (20)
- Overriding AuthorizationsController in Development Mode HOT 2
- Can `.well-known/openid-configuration` return an alternate uri for `jwks_uri` HOT 1
- fix issuer {} for `.well-known/openid-configuration` using blocks HOT 1
- Is it possible to configure and use Authentication Context Class References?
- `/.well-known/openid-configuration` crashes when `Doorkeeper.config.allow_token_introspection` is false HOT 1
- Shouldn't controllers inherit `Doorkeeper::ApplicationMetalController`? HOT 1
- Using `root_url` in `#webfinger_response` can violate specification
- `access_grant_class` is broken. HOT 7
- Possible to disable `client_secret_basic` for `token_endpoint_auth_methods_supported`?
- RP-initiated logout post_logout_redirect_uri is not validatable
- Broken with Doorkeeper v5.6.3
- uninitialized constant Doorkeeper::JWT::JWK in 1.8.4 HOT 8
- OpenID working with rails app HOT 5
- Support for sessions and session_state HOT 1
- Support multiple devise models
- `kid` value in headers in different format after upgrading from 1.8.3 to 1.8.5 HOT 2
- Missing v1.8.5 tag HOT 2
- NameError: uninitialized constant Doorkeeper::JWT::JWK HOT 6
- kid is different for different versions of doorkeeper-openid_connect HOT 1
- Certificate verify failed from SSL
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from doorkeeper-openid_connect.