Rails單點登錄

Question

我有一個Rails應用程序和一個Wordpress網站。 Rails數據庫中的所有用戶。現在我想從Rails應用程序向wordpress提供SSO。

我發現了一些內容，但其中大多數都提供了從Wordpress到Rails的SSO。

你有什麼想法來解決這個任務嗎？

謝謝。

Answer 1

你對這個問題有點模糊，所以我會盡我所能做到最好。

首先你應該添加色器件/ omniauth寶石的Gemfile中

gem 'devise' 
gem 'omniauth' 
gem 'omniauth-wordpress-oauth2-plugin', github: 'jwickard/omniauth-wordpress-oauth2-plugin' 

安裝的oauth2提供商插件你的WordPress網站：

https://github.com/jwickard/wordpress-oauth

與回調爲您的軌道的客戶端項應用鍵設置爲： http://example.com/users/auth/wordpress_oauth2/callback

然後你必須Configur Ë設計/ Omniauth

#config/initializers/devise.rb 
config.omniauth :wordpress_oauth2, ENV['APP_ID'], ENV['APP_SECRET'], 
       strategy_class: OmniAuth::Strategies::WordpressOauth2Plugin, 

client_options：{網站： 'http://yourcustomwordpress.com'}

現在你必須設置路由，允許回調

#config/routes.rb 
devise_for :users, controllers: { omniauth_callbacks: 'omniauth_callbacks' } 

創建回調控制器

#app/controllers/omniauth_callbacks_controller.rb 
class OmniauthCallbacksController < ApplicationController 

    def wordpress_oauth2 
    #You need to implement the method below in your model (e.g. app/models/user.rb) 
    @user = User.find_for_wordpress_oauth2(request.env["omniauth.auth"], current_user) 

    if @user.persisted? 
     flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Wordpress Oauth2" 
     sign_in_and_redirect @user, :event => :authentication #this will throw if @user is not activated 
    else 
     session["devise.wordpress_oauth2_data"] = request.env["omniauth.auth"] 
     redirect_to new_user_registration_url 
    end 
    end 

end 

現在您必須確保用戶型號不可缺少

class User < ActiveRecord::Base 
    devise :database_authenticatable, :registerable, 
    :recoverable, :rememberable, :trackable, :validatable, :omniauthable 
    ... 

def self.find_for_wordpress_oauth2(oauth, signed_in_user=nil) 

    #if the user was already signed in/but they navigated through the authorization with wordpress 
    if signed_in_user 

     #update/synch any information you want from the authentication service. 
     if signed_in_user.email.nil? or signed_in_user.email.empty? 
     signed_in_user.update_attributes(email: oauth['info']['email']) 
     end 

     return signed_in_user 
    else 
     #find user by id and provider. 
     user = User.find_by_provider_and_uid(oauth['provider'], oauth['uid']) 

     #if user isn't in our database yet, create it! 
     if user.nil? 
     user = User.create!(email: oauth['info']['email'], uid: oauth['uid'], provider: oauth['provider'], 
          nickname: oauth['extra']['user_login'], website: oauth['info']['urls']['Website'], 
          display_name: oauth['extra']['display_name']) 
     end 

     user 
    end 

end 



end 

我希望這能夠幫助