authormo khan <mo@mokhan.ca>2023-07-14 16:07:26 -0600
committermo khan <mo@mokhan.ca>2023-07-14 16:07:26 -0600
commit9d83bd0c4b1d4d84f2ed9760fa6af3e124683780 (patch)
tree11ef62d82876da4bfb728e41217b4cffd70dc526
parent52abecf04831246b74aae4b7bedb735b41b74da0 (diff)
Connect to Auth0
-rw-r--r--.gitignore1
-rw-r--r--Gemfile4
-rw-r--r--Gemfile.lock41
-rw-r--r--app/controllers/auth0_controller.rb24
-rw-r--r--app/controllers/dashboard_controller.rb13
-rw-r--r--app/controllers/home_controller.rb4
-rw-r--r--app/views/auth0/failure.html.erb4
-rw-r--r--app/views/auth0/redirect.html.erb4
-rw-r--r--app/views/home/show.html.erb3
-rw-r--r--app/views/layouts/application.html.erb2
-rw-r--r--config/auth0.yml14
-rw-r--r--config/initializers/01_dotenv.rb4
-rw-r--r--config/initializers/auth0.rb14
-rw-r--r--config/routes.rb7
14 files changed, 138 insertions, 1 deletions
diff --git a/.gitignore b/.gitignore
index 886f714..f625f6e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -33,3 +33,4 @@
# Ignore master key for decrypting credentials and more.
/config/master.key
+/.env
diff --git a/Gemfile b/Gemfile
index f0c967e..eb60edd 100644
--- a/Gemfile
+++ b/Gemfile
@@ -42,6 +42,10 @@ gem "tzinfo-data", platforms: %i[ mingw mswin x64_mingw jruby ]
# Reduces boot times through caching; required in config/boot.rb
gem "bootsnap", require: false
+gem 'dotenv-rails', '~> 2.8'
+gem 'omniauth-auth0', '~> 3.1'
+gem 'omniauth-rails_csrf_protection', '~> 1.0', '>= 1.0.1'
+
# Use Sass to process CSS
# gem "sassc-rails"
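Review bot: `dotenv-rails` is added to the default Bundler group, so it is also required in production, where its railtie loads any `.env` file found in the app root during boot. config/initializers/01_dotenv.rb limits its own `Dotenv.load` to development and test, but that guard does not stop the railtie. Scoping the gem makes the two agree: `gem 'dotenv-rails', '~> 2.8', groups: %i[development test]`.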
diff --git a/Gemfile.lock b/Gemfile.lock
index f55e162..36dbf85 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -87,9 +87,18 @@ GEM
debug (1.8.0)
irb (>= 1.5.0)
reline (>= 0.3.1)
+ dotenv (2.8.1)
+ dotenv-rails (2.8.1)
+ dotenv (= 2.8.1)
+ railties (>= 3.2)
erubi (1.12.0)
+ faraday (2.7.10)
+ faraday-net_http (>= 2.0, < 3.1)
+ ruby2_keywords (>= 0.0.4)
+ faraday-net_http (3.0.2)
globalid (1.1.0)
activesupport (>= 5.0)
+ hashie (5.0.0)
i18n (1.14.1)
concurrent-ruby (~> 1.0)
importmap-rails (1.2.1)
@@ -101,6 +110,7 @@ GEM
jbuilder (2.11.5)
actionview (>= 5.0.0)
activesupport (>= 5.0.0)
+ jwt (2.7.1)
loofah (2.21.3)
crass (~> 1.0.2)
nokogiri (>= 1.12.0)
@@ -115,6 +125,7 @@ GEM
mini_mime (1.1.2)
minitest (5.18.1)
msgpack (1.7.1)
+ multi_xml (0.6.0)
net-imap (0.3.6)
date
net-protocol
@@ -127,11 +138,33 @@ GEM
nio4r (2.5.9)
nokogiri (1.15.3-x86_64-darwin)
racc (~> 1.4)
+ oauth2 (2.0.9)
+ faraday (>= 0.17.3, < 3.0)
+ jwt (>= 1.0, < 3.0)
+ multi_xml (~> 0.5)
+ rack (>= 1.2, < 4)
+ snaky_hash (~> 2.0)
+ version_gem (~> 1.1)
+ omniauth (2.1.1)
+ hashie (>= 3.4.6)
+ rack (>= 2.2.3)
+ rack-protection
+ omniauth-auth0 (3.1.0)
+ omniauth (~> 2)
+ omniauth-oauth2 (~> 1)
+ omniauth-oauth2 (1.8.0)
+ oauth2 (>= 1.4, < 3)
+ omniauth (~> 2.0)
+ omniauth-rails_csrf_protection (1.0.1)
+ actionpack (>= 4.2)
+ omniauth (~> 2.0)
public_suffix (5.0.1)
puma (5.6.6)
nio4r (~> 2.0)
racc (1.7.1)
rack (2.2.7)
+ rack-protection (3.0.6)
+ rack
rack-test (2.1.0)
rack (>= 1.3)
rails (7.0.6)
@@ -167,11 +200,15 @@ GEM
reline (0.3.6)
io-console (~> 0.5)
rexml (3.2.5)
+ ruby2_keywords (0.0.5)
rubyzip (2.3.2)
selenium-webdriver (4.10.0)
rexml (~> 3.2, >= 3.2.5)
rubyzip (>= 1.2.2, < 3.0)
websocket (~> 1.0)
+ snaky_hash (2.0.1)
+ hashie
+ version_gem (~> 1.1, >= 1.1.1)
sprockets (4.2.0)
concurrent-ruby (~> 1.0)
rack (>= 2.2.4, < 4)
@@ -190,6 +227,7 @@ GEM
railties (>= 6.0.0)
tzinfo (2.0.6)
concurrent-ruby (~> 1.0)
+ version_gem (1.1.3)
web-console (4.2.0)
actionview (>= 6.0.0)
activemodel (>= 6.0.0)
@@ -214,8 +252,11 @@ DEPENDENCIES
bootsnap
capybara
debug
+ dotenv-rails (~> 2.8)
importmap-rails
jbuilder
+ omniauth-auth0 (~> 3.1)
+ omniauth-rails_csrf_protection (~> 1.0, >= 1.0.1)
puma (~> 5.0)
rails (~> 7.0.6)
selenium-webdriver
diff --git a/app/controllers/auth0_controller.rb b/app/controllers/auth0_controller.rb
new file mode 100644
index 0000000..269727c
--- /dev/null
+++ b/app/controllers/auth0_controller.rb
@@ -0,0 +1,24 @@
+class Auth0Controller < ApplicationController
+ def callback
+ session[:userinfo] = request.env['omniauth.auth']['extra']['raw_info']
+
+ redirect_to '/dashboard'
+ end
+
+ def failure
+ @error_msg = request.params['message']
+ end
+
+ def logout
+ reset_session
+
+ redirect_to URI::HTTPS.build(
+ host: Rails.application.config.auth0['auth0_domain'],
+ path: '/v2/logout',
+ query: {
+ returnTo: root_url,
+ client_id: Rails.application.config.auth0['auth0_client_id']
+ }.to_query
+ ).to_s
+ end
+end
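Review bot: `callback` writes the Auth0 profile into whatever session the browser already held; calling `reset_session` on the line before `session[:userinfo] = ...` is the usual Rails guard against session fixation at login. The chained lookup `request.env['omniauth.auth']['extra']['raw_info']` raises NoMethodError if any level is nil, so `request.env['omniauth.auth']&.dig('extra', 'raw_info')` followed by a redirect to the failure page when it is nil would be safer. In `logout` the redirect targets the Auth0 host; if the app runs with the Rails 7.0 defaults (not visible in this diff), `redirect_to` raises on a cross-host URL unless `allow_other_host: true` is passed. The route for this action in config/routes.rb is a GET, so a link or image on any other site can sign the user out; `delete '/auth/logout'` driven by a `button_to` avoids that.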
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
new file mode 100644
index 0000000..9505fcb
--- /dev/null
+++ b/app/controllers/dashboard_controller.rb
@@ -0,0 +1,13 @@
+class DashboardController < ApplicationController
+ before_action :logged_in_using_omniauth?
+
+ def show
+ @user = session[:userinfo]
+ end
+
+ private
+
+ def logged_in_using_omniauth?
+ redirect_to '/auth/redirect/' unless session[:userinfo].present?
+ end
+end
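Review bot: `logged_in_using_omniauth?` is named as a predicate but its job is to redirect; a name such as `require_login` reads more honestly in `before_action` and leaves the `?` form free for a real boolean helper. As a private method of DashboardController it would have to be copied into every other controller that needs protection, so defining it once in ApplicationController is the safer default. The check only tests that `session[:userinfo]` is present, so the login lasts as long as the session cookie does; a short comment saying that no token expiry is enforced here would help the next reader.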
diff --git a/app/controllers/home_controller.rb b/app/controllers/home_controller.rb
new file mode 100644
index 0000000..89ff5b1
--- /dev/null
+++ b/app/controllers/home_controller.rb
@@ -0,0 +1,4 @@
+class HomeController < ApplicationController
+ def show
+ end
+end
diff --git a/app/views/auth0/failure.html.erb b/app/views/auth0/failure.html.erb
new file mode 100644
index 0000000..44b26e6
--- /dev/null
+++ b/app/views/auth0/failure.html.erb
@@ -0,0 +1,4 @@
+<div class="panel panel-danger">
+ <h2>Error <%= @error_msg %></h2>
+ <p><%= @omniauth_error %></p>
+</div>
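Review bot: `@omniauth_error` is rendered here but never assigned, since `Auth0Controller#failure` sets only `@error_msg`, so the `<p>` is always empty. Either drop the paragraph or set the variable in the action. The `message` value comes straight from the query string; `<%= %>` escapes it, and it should stay that way with no `raw` or `html_safe` applied to it.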
diff --git a/app/views/auth0/redirect.html.erb b/app/views/auth0/redirect.html.erb
new file mode 100644
index 0000000..d79c399
--- /dev/null
+++ b/app/views/auth0/redirect.html.erb
@@ -0,0 +1,4 @@
+<div class="redirecting">Redirecting...</div>
+<%= button_to 'Login', '/auth/auth0', method: :post, style: "display:none;", id: 'redirect' %>
+<script>document.getElementById('redirect').form.submit()</script>
+<noscript><style type="text/css"> #redirect { display:block !important; } .redirecting { display: none; }</style></noscript>
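Review bot: The inline `<script>` that auto-submits the form carries no nonce, while the layout emits `csp_meta_tag`; if a nonce-based Content-Security-Policy is configured (its initializer is not part of this diff), the browser blocks the script and the user is left on "Redirecting..." with a hidden button. `<%= javascript_tag nonce: true do %>document.getElementById('redirect').form.submit()<% end %>` keeps the behaviour and works under such a policy. config/routes.rb maps `/auth/redirect` to `auth0#redirect`, but Auth0Controller defines no `redirect` method, so this view is reached only through implicit template rendering; an empty `def redirect; end` would make that explicit.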
diff --git a/app/views/home/show.html.erb b/app/views/home/show.html.erb
new file mode 100644
index 0000000..701ae7a
--- /dev/null
+++ b/app/views/home/show.html.erb
@@ -0,0 +1,3 @@
+<section class="jumbotron text-center">
+ <%= button_to 'Login', '/auth/auth0', method: :post, class: 'btn btn-success btn-lg', id: 'qsLoginBtn' unless session[:userinfo].present? %>
+</section>
diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb
index f9ad37d..4139b4a 100644
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@@ -1,7 +1,7 @@
<!DOCTYPE html>
<html>
<head>
- <title>Jet</title>
+ <title>Jeté</title>
<meta name="viewport" content="width=device-width,initial-scale=1">
<%= csrf_meta_tags %>
<%= csp_meta_tag %>
diff --git a/config/auth0.yml b/config/auth0.yml
new file mode 100644
index 0000000..f834d04
--- /dev/null
+++ b/config/auth0.yml
@@ -0,0 +1,14 @@
+development:
+ auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+ auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+ auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
+
+test:
+ auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+ auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+ auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
+
+production:
+ auth0_client_id: <%= ENV["AUTH0_CLIENT_ID"] %>
+ auth0_client_secret: <%= ENV["AUTH0_CLIENT_SECRET"] %>
+ auth0_domain: <%= ENV["AUTH0_DOMAIN"] %>
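Review bot: `ENV["AUTH0_CLIENT_SECRET"]` and the other two lookups produce an empty value when the variable is unset, so a misconfigured deploy boots normally and fails only at the Auth0 round trip. `<%= ENV.fetch("AUTH0_CLIENT_SECRET") %>` (and likewise for the client id and domain) raises at boot instead. The three environment sections are identical and could be a single `shared:` section, which `config_for` merges into every environment.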
diff --git a/config/initializers/01_dotenv.rb b/config/initializers/01_dotenv.rb
new file mode 100644
index 0000000..fd3a052
--- /dev/null
+++ b/config/initializers/01_dotenv.rb
@@ -0,0 +1,4 @@
+if Rails.env.development? || Rails.env.test?
+ require 'dotenv'
+ Dotenv.load
+end
diff --git a/config/initializers/auth0.rb b/config/initializers/auth0.rb
new file mode 100644
index 0000000..5654c9b
--- /dev/null
+++ b/config/initializers/auth0.rb
@@ -0,0 +1,14 @@
+Rails.application.config.auth0 = Rails.application.config_for(:auth0)
+
+Rails.application.config.middleware.use OmniAuth::Builder do
+ provider(
+ :auth0,
+ Rails.application.config.auth0['auth0_client_id'],
+ Rails.application.config.auth0['auth0_client_secret'],
+ Rails.application.config.auth0['auth0_domain'],
+ callback_path: '/auth/auth0/callback',
+ authorize_params: {
+ scope: 'openid profile email'
+ }
+ )
+end
diff --git a/config/routes.rb b/config/routes.rb
index 262ffd5..3e2cf49 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,4 +1,11 @@
Rails.application.routes.draw do
+ root 'home#show'
+
+ get '/dashboard' => 'dashboard#show'
+ get '/auth/auth0/callback' => 'auth0#callback'
+ get '/auth/failure' => 'auth0#failure'
+ get '/auth/logout' => 'auth0#logout'
+ get '/auth/redirect' => 'auth0#redirect'
# Define your application routes per the DSL in https://guides.rubyonrails.org/routing.html
# Defines the root path route ("/")