Skip to content

Instantly share code, notes, and snippets.

@bearded-avenger
Last active January 11, 2022 17:04
Show Gist options
  • Save bearded-avenger/c1cbaa093566489cb8c36a7b83cf0f34 to your computer and use it in GitHub Desktop.
Save bearded-avenger/c1cbaa093566489cb8c36a7b83cf0f34 to your computer and use it in GitHub Desktop.
Rails - SSO - WordPress - Authenticating against a WordPress install from a Rails site using oAuth
config.omniauth :wordpress_hosted, ENV['SSO_KEY'], ENV['SSO_SECRET'],
strategy_class: OmniAuth::Strategies::WordpressHosted,
client_options: { site: ENV['SSO_URL'] }
#authentication framework
gem 'devise'
#oauth2 integration
gem 'omniauth'
gem 'omniauth-oauth2', '1.3.1' # DO NOT change this! If we update teo 1.4 the SSO doesnt work anymore
gem 'omniauth-wordpress_hosted', github: 'jwickard/omniauth-wordpress-oauth2-plugin'
class Users::OmniauthCallbacksController < Devise::OmniauthCallbacksController
def wordpress_hosted
Rails.logger.debug request.env["omniauth.auth"]
@user = User.find_for_wordpress_oauth2(request.env["omniauth.auth"], current_user)
if @user.persisted?
flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "your CG Cookie"
sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated
else
session["devise.wordpress_oauth2_data"] = request.env["omniauth.auth"]
redirect_to new_user_registration_url
end
end
end
devise_for :users, controllers: { omniauth_callbacks: 'users/omniauth_callbacks' }
class User < ActiveRecord::Base
devise :database_authenticatable, :registerable, :recoverable, :rememberable, :trackable, :validatable, :omniauthable
def self.find_for_wordpress_oauth2(oauth, signed_in_user=nil)
if signed_in_user
if signed_in_user.email.nil? or signed_in_user.email.eql?('')
signed_in_user.update_attributes(email: oauth['info']['email'])
end
return signed_in_user
else
user = User.find_by_provider_and_uid(oauth['provider'], oauth['uid'])
if user.nil?
user = User.create!(email: oauth['info']['email'], id: oauth['uid'], provider: oauth['provider'] )
end
user
end
end
def self.find_by_provider_and_uid(provider, uid)
where(provider: provider, id: uid).first
end
end
@bearded-avenger
Copy link
Author

bearded-avenger commented May 26, 2016

Rails 4.2.6
WordPress 4.5

  1. Activate Plugin
  2. Create client with callback set to http://localhost:3000/users/auth/wordpress_hosted/callback
  3. Create rails site, setup Devise
  4. Edit config/initializers/devise.rb
  5. Manually add omniauth_callbacks_controller to controllers/users
  6. Edit route.rb
  7. Edit user model user.rb
  8. Add provider column to users db (string)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment