Raven Omniauth strategy

This Ruby gem provides an OmniAuth strategy for authenticating using the Raven SSO System, provided by the University of Cambridge.

Installation

Add the strategy to your Gemfile:

gem 'omniauth-ucam-raven'

And then run bundle install.

Usage

You will need to download the public key used by the Raven service to sign responses and store it somewhere that is not writable by your web application. Download the PEM formated PKCS#1 RSA public key from the Raven project pages here. You will also need the key ID that is currently in use - as of August 2004 this is 2. From this point on, we assume the full UNIX path and key ID are in the KEY_PATH and KEY_ID environment variables respectively.

You can integrate the strategy into your middleware in a config.ru:

use OmniAuth::Builder do
  provider :ucamraven, ENV['KEY_ID'], ENV['KEY_PATH']
end

If you're using Rails, you'll want to add the following to an initialisers eg. config/initializers/omniauth.rb and then restart your application:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :ucamraven, ENV['KEY_ID'], ENV['KEY_PATH']
end

For a full list of options that you can configure when setting :ucamraven as provider you will need to look here in the source code.

For additional information, please refer to the OmniAuth wiki.

See the code for the example Sinatra app for a hands-on example.

License

omniauth-ucam-raven is released under the MIT License. Copyright (c) 2018 Charlie Jonas.