omniauth_openid_connect
omniauth_openid_connect copied to clipboard
omniauth
There should be a way to have a dynamic value for the `redirect_uri` value as the app hostname is not known at the configuration level. The default `OmniAuth` strategy uses...
Hi, first of all thanks for the gem! I was wondering if the gem also supports the OpenID Connect back-channel sign out protocol: https://openid.net/specs/openid-connect-backchannel-1_0.html. I could implement this myself by...
Hi thank you for this library super helpful! So i'm trying to setup sign in with slack per their doc: https://api.slack.com/authentication/sign-in-with-slack ```ruby Rails.application.config.middleware.use OmniAuth::Strategies::OpenIDConnect, { name: :sign_in_slack, issuer: 'https://slack.com', discovery:...
Hello all, I'm getting a routing error for the logout endpoint (RuntimeError (undefined method `match?' for /\A\/admin\/auth\/openid_connect(\/logout)/:Regexp):) My application setup is ruby version - 2.2.2 Devise version - 4.9 Gem...
Hello. Thanks all who maintain and contribute to this gem. I use it for SSO with ADFS in my project. While setting up I was getting the error ``` ......
Hi there! Thanks for creating & maintaining this gem :) I'd like to prevent this client from sending the `state` parameter during the request phase because in some cases I...
Hi, I'm running Rails v5.2.6 with Ruby v2.5.8, omniauth v2.1.2, omniauth-rails_csrf_protection v1.0.1, and omniauth_openid_connect v0.6.1, working on LTI 1.3 integration (https://andyfmiller.com/2018/12/28/launching-an-lti-1-3-resource-link-using-openid-connect-third-party-login/). When a third party POST request comes into our...
Allows the calling of the UserInfo endpoint to be configurable. As mentioned in #148, [ADFS does not support the `email` or `profile` claims](https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/overview/ad-fs-faq#what-permitted-scopes-are-supported-by-ad-fs-), and calling the UserInfo endpoint is pointless,...
`OpenIDConnect::ResponseObject::IdToken.decode` now accepts `OpenIDConnect::Discovery::Provider::Config::Response` instead of `key`. https://github.com/nov/openid_connect/blob/master/spec/openid_connect/response_object/id_token_spec.rb#L254-L300 then fetch JWK specified by the ID Token `kid` header from `jwks_uri` using `JSON::JWK::Set::Fetcher`. https://github.com/nov/openid_connect/blob/master/lib/openid_connect/response_object/id_token.rb#L70-L73 https://github.com/nov/openid_connect/blob/master/lib/openid_connect/discovery/provider/config/response.rb#L90-L93 and `JSON::JWK::Set::Fetcher` has JWKS caching feature....
