Image

OmniAuth : Doorkeeper : Devise : Redirect to the application after signup/signin

As you have an oauth provider using `Doorkeeper` and other oauth applications (clients). Its annoying when you have not already logged in to the provider app and you clicked `Sign In With Main App‘ button in the login page. Then the main app throws you at the login page. When you have to go to the login page in your client app and do the login all over again. This is so annoying.

If you want to get auto redirected to the client app after filling the sign-in form in the main app(provider app) then here is the solution

Doorkeeper.configure do
  # Change the ORM that doorkeeper will use (needs plugins)
  orm :active_record

  # This block will be called to check whether the resource owner is authenticated or not.
  resource_owner_authenticator do
    user_id = session["warden.user.user.key"][0][0] rescue nil
    User.find_by_id(user_id) || begin
      session['user_return_to'] = request.url
      redirect_to(new_user_session_url)
    end
  end
  
  ...

`begin .. end` block

In the snipped above; you have seen `begin` which might be new to you been used in such scenario.

`begin` is some how like a `do`..`end` closure however this cannot be stored in a variable.

  • its executed in the instant and binding its defined.
  • it returns the last statement executed inside it
  • returning from it returns from its container function
 > a= begin
?> 12
?> 13
?> end
 > a
 # => 13
Advertisements

Spree : oauth : Import Shipping/Billing Address along with PaymentSource from Doorkeeper app

If you already have billing/shipping address and payment info of the store in the OAuth provider [eg. some app with Doorkeeper]; and you don’t want to let your users go through  the hassle to fill the form all over again, then, you can reuse the data. For this, you need to return the info along with user info from the OAuth provider in the response.

# in /app/models/spree/user_decorator.rb
class << self
  def from_omniauth(auth_data)
    spree_user = get_or_set_user(auth_data)

    # Extract address info from the payload and update
    #  can update only shipping or both address with same data
    set_shipping_address(spree_user, auth_data) if spree_user.ship_address.nil?
    set_billing_address (spree_user, auth_data) if spree_user.bill_address.nil?
    
    # You might also import PaymentSource info from parent app
    #   Ex: User has already submitted payment info [CreditCard info] and
    #   and you have Stripe PaymentSource Id, then you can import the data
    #   along with other info. I recommend you to use HTTPS for this. 
    set_payment_source(spree_user, auth_data) if spree_user.payment_sources.blank?
 
    # Set user's role; say in parent app the user is Admin, then you
    #  might want to set that user as an Admin in child app as well.
    #  See the function definition below
    set_roles(spree_user, auth_data)
    
    # Need to return the user object
    spree_user
  end

  private
  # all the methods assisting 'from_omniauth' will go below here

Continue reading

Rails : Omniauth : Doorkeeper : skip the authorization step

Its simple using doorkeeper to allow some trusted client/apps to allow access without manual acceptance. It helps you to connect two applications seamlessly.

 

# In initializers/doorkeeper.rb
# Under some circumstances you might want to have applications auto-approved,
# so that the user skips the authorization step.
# For example if dealing with a trusted application.
# Example:
#   > client
#    => #<Doorkeeper::OAuth::Client:0x00000006d5f5b0
#     @application=
#       #<Doorkeeper::Application:0x00000006d5fb28
#       id: 1,
#       name: "store",
#       uid: "6ccaad72daa4f60f8a26ad1a7432e895ad12f6ecd816150c4a162b253cd7c2bd",
#       secret: "7e1bfb8e5ddc481021d9ebf445c438537c45734ad04dd51fa3cdeb8d2b5b47f2",
#       redirect_uri: "http://localhost:3001/users/auth/myapp/callback",
#       scopes: "",
#       created_at: Sat, 05 Mar 2016 16:24:56 UTC +00:00,
#       updated_at: Sun, 06 Mar 2016 04:12:01 UTC +00:00>>
#
#   > resource_owner
#   => #<User:0x00000006d56b68
#         id: 4,
#         email: "myemail@gmail.com",
#         encrypted_password: "$2a$10$Jz9aj4gc2fZGPSc2tPYwU.
skip_authorization do |resource_owner, client|
  client.name == 'store'
end