OmniAuth & openid: getting certain fields from openid provider

6
votes

I'm using the rails gem: OmniAuth to login users.

When using an OpenId provider I would like to get certain field, like email and nickname but I don't see any documentation on this.

Any ideas?

thanks

6
ruby-on-railsopenidomniauth

6 Answers

4
votes

Are you asking how to request for that data, or how to ensure you get it? You can request for data using the OpenID AX attributes, but an OpenID provider isn't obliged to respond to what you request for. This should be of some help though:

Retrieve OpenID AX attributes from Google / Yahoo in Rails

It seems like Google will respond with an email only to

http://schema.openid.net/contact/email

whereas Yahoo will reply to

http://axschema.org/contact/email
2
votes

You might find this Railscast (towards the end) by Ryan Bates useful for capturing an email address when authenticating via OpenID. For other available fields, I guess you can add something of the following to your authentications controller when making the authentication request

# authentications_controller.rb
...
def create
  omniauth = request.env["omniauth.auth"]
  raise omniauth.to_yaml
  ...
end
...

and then log in via openID and see what options you have.

1
votes

There's some instructions for this under the "Google" openID section in the Devise omniauth integration docs:

https://github.com/plataformatec/devise/wiki/OmniAuth:-Overview

Look for the class method find_for_open_id in the User model and the controller subclass Users::OmniauthCallbacksController for how the data is passed through from the request.env["omniauth.auth"] hash. This relates to any OpenID strategy, not just the Google one.

In terms of customising exactly which attributes you ask for from the OpenID provider, you might be best to make your own clone of the omniauth_openid gem or subclass it and change the options. (See: https://github.com/intridea/omniauth-openid/blob/master/lib/omniauth/strategies/open_id.rb )

0
votes

request.env['omniauth.auth'] should have what you need. For Twitter it returns something like 

{
  'uid' => '12356',
  'provider' => 'twitter',
  'user_info' => {
    'name' => 'User Name',
    'nickname' => 'username',
    # ...
  }
}

Just inspect it for openid.

0
votes

request.env['omniauth.auth'] will contain the entire response from the callback. But not all providers return the user email(twitter won't). OpenID via google or yahoo should have email as part of 'user_info' hash.

0
votes

When you configure omniauth in your initialization block, you can override any of the options, including required and optional fields. As per the docs, use the Builder to get what you need configured. EG:

config.middleware.use OmniAuth::Builder do
        provider :open_id, :name => 'my_provider',
                 :identifier => 'https://myprovider.com/openid/xrds',
                 :required => ['http://axschema.org/namePerson/first','http://axschema.org/namePerson/last','http://axschema.org/contact/email','http://axschema.org/my_provider/some_field']
    end