Avalon now accepts okta oauth auth method
Avalon Okta Oauth Integration
Updated the outdated oauth integration path to use proper csrf protected POST requests to authenticate with OKTA oauth.
Gems added
- omniauth-okta, '~> 2.0'
- omniauth-rails_csrf_protection, '~> 1.0'
Primary area of concern
Initial major issue causing the omniauth integration to fail was something with the devise.rb initializer. I am not entirely sure why this is the case but two things had to be done to resolve the issue.
- remove the
Rails.application.reloader.to_prepare
from wrapping the initializer - remake the entire initializer and copy over all configuration
Just removing the initializer from being wrapped by to_prepare did not fix the issue, neither did copying a new configuration file, updating it with the configuration, and re-wrapping it with the
to_prepare
block. I had to make a entirely new configuration file, copy the configuration, and NOT wrap it in theto_prepare
block.
Outstanding Questions
N/A
TODO:
-
Update avalon user's email if email provided from okta changes -
Update avalon user's uid and provider if a local user's email matches the email provided by okta
Edited by ratlif19