Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Auth hash in new version #14

Open
richardonrails opened this issue Aug 22, 2020 · 2 comments
Open

Auth hash in new version #14

richardonrails opened this issue Aug 22, 2020 · 2 comments

Comments

@richardonrails
Copy link

richardonrails commented Aug 22, 2020

I'm working on something new and have been playing with this gem before and after this 2.5.0 update

I see now the Auth hash is pretty barebones:

The omniauth-slack gem will now copy the access-token hash to the AuthHash info section, but it will no longer be mapping specific data points from the access-token to specific fields in the AuthHash info section (other than info fields that are 'required' by the OmniAuth::AuthHash schema spec).

Some misc feedback/questions:

  • I think it'd be helpful to provide (at least in documentation) an implementation that fills out the simple info fields listed here even if not required, such as email, nickname, first_name, last_name of the user.
  • I'm a bit confused why you're including the access token in the info section? Is that typical in OmniAuth (I've never worked with other providers before) but it seems surprising based on my reading of schema since there's a separate section for credentials and raw_info already. And even if you don't include the Access Token object in info, it's still available via request.env['omniauth.strategy'].access_token already, right?
  • This is more of a general OmniAuth question, but -- is it "normal" to put extra fields into the info section of the Auth Hash, or is it best practice to have the info section only contains fields listed in schema and to put everything else in extra?

In my case I'm trying to allow Sign in with Slack but also grabbing/storing some additional information about their team from users.list. Slightly confused regarding putting e.g. my users.list API call in the Strategy, the OmniauthCallbacksController, or User.from_omniauth. Also trying to plan for other providers besides Slack. This is what made me think it was odd to put non-standard fields in the info section of AuthHash, but I'm not sure.

@richardonrails
Copy link
Author

With how the gem is in 2.5.0, I think you also need to remove the entire skip_info section of the README, as it appears that option is no longer used at all.
https://github.com/ginjo/omniauth-slack/tree/master#skip_info-boolean

@SirRawlins
Copy link

@richardonrails @ginjo finding myself in a similar scenario after an upgrade to 2.5.0.

At the moment I can only gain access to the user email address through:

env['omniauth.strategy'].access_token.authed_user.get('/api/users.identity').parsed

Any advice on a better way to access the authorizing user's email? I like the new approach to the flexible, progressive info hash in principle, but I'm a little lost as to how to use it.

Am I doing this right? Or am I missing something?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants