https://github.com/ninjapanzer/omniauth-shootproof

https://github.com/ninjapanzer/omniauth-shootproof

gem oauth2 omniauth omniauth-oauth2 shootproof-api

Last synced: 4 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/ninjapanzer/omniauth-shootproof
• Owner: ninjapanzer
• License: mit
• Created: 2017-06-09T15:24:47.000Z (about 9 years ago)
• Default Branch: master
• Last Pushed: 2017-06-09T16:28:29.000Z (about 9 years ago)
• Last Synced: 2026-01-14T11:26:13.072Z (6 months ago)
• Topics: gem, oauth2, omniauth, omniauth-oauth2, shootproof-api
• Language: Ruby
• Size: 15.6 KB
• Stars: 1
• Watchers: 0
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
# OmniAuth Shootproof

### Based off OmniAuth OAuth2

[![Gem Version](http://img.shields.io/gem/v/omniauth-shootproof.svg)][gem]

[![Build Status](https://travis-ci.org/SavvySoftWorksLLC/omniauth-shootproof.svg?branch=master)](https://travis-ci.org/SavvySoftWorksLLC/omniauth-shootproof)

[![Dependency Status](http://img.shields.io/gemnasium/SavvySoftWorksLLC/omniauth-shootproof.svg)][gemnasium]

[gem]: https://rubygems.org/gems/omniauth-shootproof

[travis]: http://travis-ci.org/SavvySoftWorksLLC/omniauth-shootproof

[gemnasium]:https://gemnasium.com/github.com/SavvySoftWorksLLC/omniauth-shootproof

Shootproof API Docs:

- Auth: https://developer.shootproof.com/authdocs

- Actions: https://developer.shootproof.com/apidocs

This gem contains an OmniAuth strategy for Shootproof. It relies on the OAuth2 and OmniAuth-OAuth2 gems. Shootproof API does not conform exactly to the standard set forth with the base OAuth2 Client so some changes include:

- Access Tokens require the same params as the original Authorization request. The confusing part is the Token request is required POST so query string params are not included by default.

- The Access token requires the `redirect_uri` to match the `callback_url` from the Authorization request. Omniauth by default provides the query params from the Authorization callback in future `redirect_uri` params. This will no longer match so the query string is ditched.

- The Authorization endpoint does not pass-through any params os CSRF protection using the `state` param is not possible.

## Configuring the Shootproof Strategy

```ruby

Rails.application.config.middleware.use OmniAuth::Builder do

  provider :shootproof, , 

    scope: 'sp.event.get_list sp.event.get_photos sp.photo.info'

end

```

That's pretty much it!

Like normal you will have to interpret the authenticaion response in your OmniAUth Session Controller.

The `info` response will contain the following hash

```

{

  token: ,

  refresh_token: ,

  expires_at: ,

  expires_in: 

}

```

For convenience the `uid` will be populated with the Access Token

Paul Scarrone paul@savvysoftworks.com

Gary Newsome gary@savvysoftworks.com

SavvySoftWorks LLC.