ratlif19 requested to merge kyle/omniauth_okta into msul-main Sep 10, 2024

Avalon Okta Oauth Integration

Updated the outdated oauth integration path to use proper csrf protected POST requests to authenticate with OKTA oauth.

Gems added

omniauth-okta, '~> 2.0'
omniauth-rails_csrf_protection, '~> 1.0'

Primary area of concern

Initial major issue causing the omniauth integration to fail was something with the devise.rb initializer. I am not entirely sure why this is the case but two things had to be done to resolve the issue.

remove the Rails.application.reloader.to_prepare from wrapping the initializer
remake the entire initializer and copy over all configuration Just removing the initializer from being wrapped by to_prepare did not fix the issue, neither did copying a new configuration file, updating it with the configuration, and re-wrapping it with the to_prepare block. I had to make a entirely new configuration file, copy the configuration, and NOT wrap it in the to_prepare block.

Outstanding Questions

N/A

TODO:

Update avalon user's email if email provided from okta changes
Update avalon user's uid and provider if a local user's email matches the email provided by okta

Edited Sep 24, 2024 by ratlif19

Avalon now accepts okta oauth auth method

Avalon Okta Oauth Integration

Gems added

Primary area of concern

Outstanding Questions

TODO:

Merge request reports