All geek questions in one place

Omniauth: How to Set Runtime Authentication Provider Data

I have a rails application available from 2 domains. Facebook requires me to register a facebook application for each of these domains and give me credentials for each. With Omniauth, I can only specify one set of credentials that is installed when the application starts. However, I will need to provide the FB with different credentials depending on the request host.

There are two problems here:

  • How can I change the Omniauth credentials for facebook at runtime?
  • How to intercept the facebook call, check the domain and set the credentials accordingly? A before the filter will not work, because Omniauth uses the Rack middleware.

Any suggestions are welcome!

+4
source share
1 answer

Copy the answer from the comments to remove this question from the "No Answer" filter:

I decided it myself now. The problem was that the fb strategy calls back to fb a second time to get an access token. In this second call, the wrong credentials (those that are installed in the initializer) were used. So I had to fix the OAuth2 strategy so that it rails app again in order to set the runtime credentials for this second call. In the callback, which usually only processes the Omniauth response form, I set the credentials and returned 404 if request.env ["omniauth.auth"]. This works well, but has some side effects for applications without dynamic providers.

The problem is that even if the application does not want to set credentials at run time, it must add a condition to the callback, for example, if request.env ["omniauth.auth"] is executed to avoid the callback code when it is called in first time. Perhaps the solution is to add a parameter to the Omniauth constructor, for example: dynamic_provider, and only call the application if it is installed.

~ answer per Nico

0
source

Source: https://habr.com/ru/post/1339853/

More articles: