Skip to content

Avalon now accepts okta oauth auth method

ratlif19 requested to merge kyle/omniauth_okta into msul-main

Avalon Okta Oauth Integration

Updated the outdated oauth integration path to use proper csrf protected POST requests to authenticate with OKTA oauth.

Gems added

  • omniauth-okta, '~> 2.0'
  • omniauth-rails_csrf_protection, '~> 1.0'

Primary area of concern

Initial major issue causing the omniauth integration to fail was something with the devise.rb initializer. I am not entirely sure why this is the case but two things had to be done to resolve the issue.

  1. remove the Rails.application.reloader.to_prepare from wrapping the initializer
  2. remake the entire initializer and copy over all configuration Just removing the initializer from being wrapped by to_prepare did not fix the issue, neither did copying a new configuration file, updating it with the configuration, and re-wrapping it with the to_prepare block. I had to make a entirely new configuration file, copy the configuration, and NOT wrap it in the to_prepare block.

Outstanding Questions

N/A

TODO:

  • Update avalon user's email if email provided from okta changes
  • Update avalon user's uid and provider if a local user's email matches the email provided by okta
Edited by ratlif19

Merge request reports

Loading