5e263baed2
- name: :oidc → Identifier for this login provider in the app. - scope: [:openid, :email, :profile] → Tells the provider we want the user’s ID (openid), their email, and basic profile info (name, picture, etc.). - response_type: :code → Uses Authorization Code Flow, which is more secure because tokens are not exposed in the URL. - issuer: Rails.application.secrets.oidc_issuer → The base URL of the OIDC provider (e.g., Auth0). Used to find its config. - discovery: true → Automatically fetches the provider’s endpoints from its discovery document instead of manually setting them. - client_auth_method: :basic → Sends client ID and secret using HTTP Basic Auth when exchanging the code for tokens. Add system tests for OIDC Auth Edit the oauth docs to support OIDC auth
25 lines
539 B
Ruby
25 lines
539 B
Ruby
class Devise::OmniauthFormComponent < ApplicationComponent
|
|
attr_reader :action
|
|
|
|
def initialize(action)
|
|
@action = action
|
|
end
|
|
|
|
def render?
|
|
oauth_logins.any?
|
|
end
|
|
|
|
private
|
|
|
|
def oauth_logins
|
|
[
|
|
(:twitter if feature?(:twitter_login)),
|
|
(:facebook if feature?(:facebook_login)),
|
|
(:google_oauth2 if feature?(:google_login)),
|
|
(:wordpress_oauth2 if feature?(:wordpress_login)),
|
|
(:saml if feature?(:saml_login)),
|
|
(:oidc if feature?(:oidc_login))
|
|
].compact
|
|
end
|
|
end
|