Class: OmniAuth::Strategies::Auth0

Inherits:
OAuth2
  • Object
Includes:
Auth0::Telemetry
Defined in:
lib/omniauth/strategies/auth0.rb

Overview

Auth0 OmniAuth strategy

Instance Method Summary

Methods included from Auth0::Telemetry

#telemetry, #telemetry_encoded

Instance Method Details

#authorize_params ⇒ Object

Define the parameters used for the /authorize endpoint


# File 'lib/omniauth/strategies/auth0.rb', line 85

# Builds the parameter set sent to the /authorize endpoint.
#
# Starts from the parent strategy's parameters, then layers on a fixed
# allow-list of keys taken from the incoming request, a fresh nonce and a
# default leeway. The result is also saved in the session so it is available
# later for token verification.
#
# @return [Object] the parameter collection returned by +super+, mutated in place
def authorize_params
  params = super

  # Only these keys are copied from the incoming request; every other request
  # parameter is ignored here. A value supplied in the request replaces
  # whatever +super+ already provided for the same key.
  # NOTE(review): the copied values are caller-controlled and forwarded as
  # received. If the application relies on a configured value (for example
  # +organization+) as a restriction, confirm it is enforced independently
  # of what ends up in the session below.
  forwarded_keys = %w[connection connection_scope prompt screen_hint login_hint organization invitation]
  forwarded_keys.each do |name|
    next unless request.params.key?(name)

    params[name] = request.params[name]
  end

  # A new random nonce is generated on every call (SecureRandom.hex with its
  # default length).
  params[:nonce] = SecureRandom.hex

  # Fall back to 60 when no leeway has been supplied
  # (presumably seconds of clock skew; confirm against the token validator).
  params[:leeway] ||= 60

  # Persist the full parameter set, nonce included, for token verification.
  session['authorize_params'] = params

  params
end

#build_access_token ⇒ Object


# File 'lib/omniauth/strategies/auth0.rb', line 102

# Attaches the Auth0 telemetry header to the token request, then lets the
# parent strategy build the access token.
#
# Any +:headers+ entry already present in +options.token_params+ is replaced,
# not merged.
#
# @return [Object] whatever the parent implementation returns
def build_access_token
  token_params = options.token_params
  # telemetry_encoded comes from the Auth0::Telemetry mixin.
  token_params[:headers] = { 'Auth0-Client' => telemetry_encoded }
  super
end

#callback_phase ⇒ Object


# File 'lib/omniauth/strategies/auth0.rb', line 124

# Runs the parent callback phase and turns a token validation failure into a
# regular OmniAuth failure.
#
# Only OmniAuth::Auth0::TokenValidationError is handled here. It is reported
# through +fail!+ with the +:token_validation_error+ key and the original
# exception. Any other exception raised by +super+ propagates to the caller.
#
# @return [Object] the result of +super+, or of +fail!+ when validation fails
def callback_phase
  begin
    super
  rescue OmniAuth::Auth0::TokenValidationError => validation_error
    fail!(:token_validation_error, validation_error)
  end
end

#client ⇒ Object

Setup client URLs used during authentication


# File 'lib/omniauth/strategies/auth0.rb', line 26

# Configures the endpoint URLs used during authentication and returns the
# parent strategy's client.
#
# The site is taken from +domain_url+ (defined elsewhere in the strategy).
# The authorize, token and userinfo paths are fixed, relative paths.
#
# @return [Object] whatever the parent implementation returns
def client
  endpoints = options.client_options
  endpoints.site = domain_url
  endpoints.authorize_url = '/authorize'
  endpoints.token_url = '/oauth/token'
  endpoints.userinfo_url = '/userinfo'
  super
end

#request_phase ⇒ Object

Declarative override for the request phase of authentication


# File 'lib/omniauth/strategies/auth0.rb', line 108

# Validates the strategy configuration before starting the request phase.
#
# The checks run in a fixed order and stop at the first failure, so the
# parent request phase is only reached when none of them reports a problem.
#
# @return [Object] the result of +fail!+ for the first missing setting,
#   otherwise the result of the parent request phase
def request_phase
  # No client_id configured for this Application.
  return fail!(:missing_client_id) if no_client_id?
  # No client_secret configured for this Application.
  return fail!(:missing_client_secret) if no_client_secret?
  # No domain configured for this Application.
  return fail!(:missing_domain) if no_domain?

  # All checks pass: hand over to the OAuth2 request_phase.
  super
end