openid-connect-ruby
A literal, not so idiomatic ruby port of Michael Jett's excellent OpenID Connect library for PHP.
Requirements
Installation
gem install openid_connect_client
Usage
The process is just like oAuth authentication. It's done in two steps: first, you'll request authorization, and redirect the user to the OpenID Connect provider. If your app gets authorized, then the provider will redirect the user back to your callback url, where you'll be able to ask the provider for the user data.
See example.rb
On the login controller
# 1. Client setup, ideally done in a helper method
oidc = OpenIDConnectClient::Client.new('https://provider.com/openid', 'CLIENT_ID', 'SECRET')
oidc.redirect_url = "http://yourweb.com/callback"
oidc.scopes = "openid email profile address phone"
# 2. Request authorization
oidc.()
# 3. Save state in session
session[:state] = oidc.state
# 4. Redirect user to OpenID Connect provider
redirect_to(oidc.auth_endpoint)
On the callback controller
# 1. Client setup, ideally done in a helper method
oidc = OpenIDConnectClient::Client.new('https://provider.com/openid', 'CLIENT_ID', 'SECRET')
oidc.redirect_url = "http://yourweb.com/callback"
oidc.scopes = "openid email profile address phone"
# 2. Restore state
oidc.state = session[:state]
# 3. Pass the authorization parameters sent by the provider
oidc.params = request.parameters
# 4. Authenticate your app against the provider
oidc.authenticate()
# 5. Fetch the user's details
given_name = oidc.get('given_name')
email = oidc.get('email')
address = oidc.get('address')