Skip to content

Instantly share code, notes, and snippets.

@wm
Created August 28, 2013 23:50
Show Gist options
  • Save wm/6372795 to your computer and use it in GitHub Desktop.
Save wm/6372795 to your computer and use it in GitHub Desktop.
Overriding the omniauth scope and translating it into a devise scope!
# Devise Client using omniauth
# ==> OmniAuth
# Add a new OmniAuth provider. Check the wiki for more information on setting
# up on your models and hooks.
config.omniauth :icis, APP_ID, APP_SECRET, client_options: { :site => APP_URL }, scope: 'person,read_only'
# Doorkeeper app with two devise models/scopes
# This block will be called to check whether the resource owner is authenticated or not.
resource_owner_authenticator do
# split because multiple scopes may be sent
scopes = request.params["scope"].split(',') if params["scope"]
devise_scope = if scopes.include?('user')
:user
elsif scopes.include?('person')
:person
else
# Raise Error?
end
current_user || current_person || warden.authenticate!(scope: devise_scope)
end
# Define access token scopes for your provider
# For more information go to https://github.com/applicake/doorkeeper/wiki/Using-Scopes
default_scopes :read_only
optional_scopes :user, :patient
@wm
Copy link
Author

wm commented Aug 29, 2013

I just added the 'read_only' scope to show how scopes are supposed to be passed along.

@wm
Copy link
Author

wm commented Aug 29, 2013

And if we wanted to go this route we could just extract lines 5-16 into a class

resource_owner_authenticator do
  UserPersonAuthenticator.call(request.params.scope)
end

@patricksrobertson
Copy link

That doesn't seem to be too ugly...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment