如何在运行时动态设置 OmniAuth 范围?

【问题标题】:How to dynamically set the OmniAuth scope on runtime?如何在运行时动态设置 OmniAuth 范围?
【发布时间】:2020-03-14 05:16:25
【问题描述】:

我之前曾被指向OnmiAuth Dynamic Providers,以便根据访问的域在运行时切换提供程序。我的解决方案是基于omniauth-shopify-oauth2this great answer

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :shopify,
  scope: 'read_orders,read_products',
  setup: lambda { |env|
    request         = ActionDispatch::Request.new(env)
    subdomain       = "#{request.subdomain}" != "" ? "#{request.subdomain}." : ""
    domain          = "#{request.domain}"
    full_domain     = subdomain+domain
    shopify_client  = Rails.cache.fetch("#{full_domain}_shopify_client")

    env['omniauth.strategy'].options.merge!(
      {
        client_id:       shopify_client[:client_id],
        client_secret:   shopify_client[:client_secret]
      }
    )
    env['omniauth.strategy'].options[:client_options][:site] = "https://#{request.GET['shop']}"
  }
end

但现在我还需要能够动态设置范围。所以缓存中的"#{full_domain}_shopify_client" 将包含一个额外的client_permissions 键,其中包含例如'read_orders,read_products''read_products'

如何重构我的代码才能做到这一点?

【问题讨论】:

    标签: ruby-on-rails ruby omniauth


    【解决方案1】:

    这是一个可能有帮助的链接:https://github.com/Shopify/omniauth-shopify-oauth2/issues/60

    我以一种似乎实现了你想要的方式重新编写了你的​​脚本。从 :client_permissions 键动态添加“范围”

    Rails.application.config.middleware.use OmniAuth::Builder do
  provider :shopify,
  setup: lambda { |env|
    request         = ActionDispatch::Request.new(env)
    subdomain       = request.subdomain
    domain          = request.domain
    full_domain     = subdomain+domain
    shopify_client  = Rails.cache.fetch("#{full_domain}_shopify_client")

    env['omniauth.strategy'].options.merge!(
      {
        client_id:       shopify_client[:client_id],
        client_secret:   shopify_client[:client_secret],
        scope:           shopify_client[:client_permissions]
        client_options: {
          site: "https://#{request.GET['shop']}"
        },

      }
    )

end

    如果出现Scope does not match, it may have been tampered with. 错误,您可能还必须在会话中设置Rails.cache.fetch("#{full_domain}_shopify_client")[:client_permissions] (session['shopify.oauth.scope'])。

    strategy = env['omniauth.strategy']
session = strategy.session.with_indifferent_access
env['omniauth.strategy'].options[:scope] = session['shopify.oauth.scope']

    在您的设置 lambda 中。

    然后,在重定向到 oauth 回调之前(例如,从控制器)

    subdomain       = request.subdomain
domain          = request.domain
full_domain     = subdomain+domain
shopify_client  = Rails.cache.fetch("#{full_domain}_shopify_client")

session['shopify.oauth.scope'] = shopify_client[:client_permissions]

    【讨论】:

    • 完美,回答,非常感谢。我没有收到Scope does not match, it may have been tampered with. 错误。
    猜你喜欢
    • 2014-09-16
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 2020-03-06
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode