Skip to content

Instantly share code, notes, and snippets.

@andrewvanbeek-okta
Last active January 5, 2022 20:56
Show Gist options
  • Save andrewvanbeek-okta/a069611986d15bb924774c3635a5abb3 to your computer and use it in GitHub Desktop.
Save andrewvanbeek-okta/a069611986d15bb924774c3635a5abb3 to your computer and use it in GitHub Desktop.
Change a devise app from scratch
video link here: https://drive.google.com/file/d/1S59pmFe-Cp_s8aJLMax296x4AN0x0naK/view?usp=sharing
Add these Gems to your Gemfile
gem 'omniauth-oktaoauth'
gem 'activerecord-session_store'
gem "figaro"
Run In the Command Line
bundle install
bundle exec figaro install
rails generate active_record:session_migration
rails g migration AddOmniauthToUsers provider:index uid:index
*For active_record:session_migration add rails version for example in the video I use 5.2
rake db:migrate
Generate Sessions Controller(activerecord-session_store will expect it)
rails g controller Sessions new create destroy
Generate OmniauthCallbacksController
In your controllers folder create a users folder > then create a file omniauth_callbacks_controller.rb
in that file copy and paste this code
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Create omniauth controller with users folder
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def oktaoauth
@user = User.from_omniauth(request.env["omniauth.auth"])
session[:oktastate] = request.env["omniauth.auth"]["uid"]
redirect_to root_path
end
end
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
In your models/users.rb Create model method and omniauthable
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
devise :omniauthable, omniauth_providers: [:oktaoauth]
def self.from_omniauth(auth)
user = User.find_or_create_by(email: auth["info"]["email"]) do |user|
user.provider = auth['provider']
user.uid = auth['uid']
user.email = auth['info']['email']
end
end
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
in routes.rb modify devise routes
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
devise_for :users, :controllers => { :omniauth_callbacks => "users/omniauth_callbacks" }
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
App controller
in application_controller.rb add two methods
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
def user_is_logged_in?
if !session[:oktastate]
print("this is not logged in")
redirect_to user_oktaoauth_omniauth_authorize_path
end
end
def after_sign_in_path_for(resource)
request.env['omniauth.origin'] || root_path
end
end
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
in config/initializers create a file session_store.rb and add this code:
Rails.application.config.session_store :active_record_store, :key => '_my_app_session'
,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,
Your application.yaml
OKTA_CLIENT_ID: "your clientId value"
OKTA_CLIENT_SECRET: "your client Secret value"
OKTA_ORG: "typically the name before okta.com so if your url is yourcompany.okta.com then simply leave yourcompany" OKTA_DOMAIN: "okta"
OKTA_URL: "your full okta tenant url"
OKTA_ISSUER: "your auth server url"
OKTA_AUTH_SERVER_ID: "the custom server id if you are using one if not leave blank"
OKTA_REDIRECT_URI: "http://localhost:3000/users/auth/oktaoauth/callback"
add these to your config/initializers/devise.rb
require 'omniauth-oktaoauth'
config.omniauth(:oktaoauth,
ENV['OKTA_CLIENT_ID'],
ENV['OKTA_CLIENT_SECRET'],
:scope => 'openid profile email',
:fields => ['profile', 'email'],
:client_options => {site: ENV['OKTA_ISSUER'], authorize_url: ENV['OKTA_ISSUER'] + "/v1/authorize", token_url: ENV['OKTA_ISSUER'] + "/v1/token"},
:redirect_uri => ENV["OKTA_REDIRECT_URI"],
:auth_server_id => ENV['OKTA_AUTH_SERVER_ID'],
:issuer => ENV['OKTA_ISSUER'],
:strategy_class => OmniAuth::Strategies::Oktaoauth)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment