[![Build Status](https://travis-ci.org/auth0/omniauth-auth0.svg)](https://travis-ci.org/auth0/omniauth-auth0)

# OmniAuth Auth0

This is the official [OmniAuth](https://github.com/intridea/omniauth) strategy for authenticating to [Auth0](https://auth0.com).

## Installing

Add to your `Gemfile`:

```ruby
gem 'omniauth-auth0'
```

Then `bundle install`.

## Usage

### Rails

```ruby
Rails.application.config.middleware.use OmniAuth::Builder do
  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
```

Then to redirect to your tenant's hosted login page:

```ruby
redirect_to '/auth/auth0'
```

### Sinatra

```ruby
use OmniAuth::Builder do
  provider :auth0, ENV['AUTH0_CLIENT_ID'], ENV['AUTH0_CLIENT_SECRET'], ENV['AUTH0_DOMAIN']
end
```

Then to redirect to your tenant's hosted login page:

```ruby
redirect to('/auth/auth0')
```

> You can customize your hosted login page in your [Auth0 Dashboard](https://manage.auth0.com/#/login_page)

### Auth parameters

To send additional parameters during login, specify them when you register the provider:

```ruby
provider :auth0,
  ENV['AUTH0_CLIENT_ID'],
  ENV['AUTH0_CLIENT_SECRET'],
  ENV['AUTH0_DOMAIN'],
  {
    authorize_params: {
      scope: 'openid read:users write:order',
      audience: 'https://mydomain/api'
    }
  }
```

This tells the strategy to send those parameters on every Auth request.

Alternatively, you can set them for a specific Auth request by adding them to the query string of the redirect URL:

```ruby
redirect_to '/auth/auth0?connection=google-oauth2'
```

### Auth Hash

The Auth0 strategy provides the standard OmniAuth hash attributes:

- provider: the name of the strategy, in this case `auth0`
- uid: the user identifier
- info: the result of the call to /userinfo using OmniAuth standard attributes
- credentials: Auth0 tokens; includes at least an access_token and may also include a refresh_token and/or id_token
- extra: additional info obtained from calling /userinfo, in the attribute `raw_info`

```ruby
{
  :provider => 'auth0',
  :uid => 'google-oauth2|this-is-the-google-id',
  :info => {
    :name => 'John Foo',
    :email => 'johnfoo@example.org',
    :nickname => 'john',
    :image => 'https://example.org/john.jpg'
  },
  :credentials => {
    :token => 'XdDadllcas2134rdfdsI',
    :expires_at => 1485373937,
    :expires => true,
    :refresh_token => 'aKNajdjfj123nBasd',
    :id_token => 'eyJhbGciOiJIUzI1NiIsImN0eSI6IkpXVCJ9.eyJuYW1lIjoiSm9obiBGb28ifQ.lxAiy1rqve8ZHQEQVehUlP1sommPHVJDhgPgFPnDosg',
    :token_type => 'bearer',
  },
  :extra => {
    :raw_info => {
      :email => 'johnfoo@example.org',
      :email_verified => 'true',
      :name => 'John Foo',
      :picture => 'https://example.org/john.jpg',
      :user_id => 'google-oauth2|this-is-the-google-id',
      :nickname => 'john',
      :created_at => '2014-07-15T17:19:50.387Z'
    }
  }
}
```

### ActionDispatch::Cookies::CookieOverflow issue

If you get this error, you are using cookie-based sessions, and storing the whole profile in the session exceeds the 4K maximum cookie size.

You can switch to an in-memory store for development as follows:

```ruby
# /config/initializers/session_store.rb
CrazyApp::Application.config.session_store :cache_store

# /config/environments/development.rb
config.cache_store = :memory_store
```
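
Another way to stay under the limit is to keep only a few identifying fields in the session, which also keeps tokens out of the cookie. The following is an added example, not code from this project: `minimal_session_user` and `fits_cookie?` are hypothetical helpers, the sample hash is constructed, and it assumes a plain symbol-keyed hash shaped like the one above.

```ruby
require 'json'

# The 4K cookie limit mentioned above, in bytes.
COOKIE_LIMIT = 4096

# Hypothetical helper: keep only what the app needs to identify the user.
# credentials (tokens) and extra.raw_info are deliberately left out.
def minimal_session_user(auth)
  info = auth.fetch(:info, {})
  {
    'provider' => auth.fetch(:provider),
    'uid'      => auth.fetch(:uid),
    'name'     => info[:name],
    'email'    => info[:email]
  }
end

# Hypothetical helper: rough size check on the JSON-serialized payload.
# The real cookie grows after encryption and Base64 encoding, so the
# default budget is half the limit to leave headroom (an assumption).
def fits_cookie?(payload, budget = COOKIE_LIMIT / 2)
  JSON.generate(payload).bytesize <= budget
end

# Constructed sample shaped like the auth hash above, with a large raw_info
# to mimic a profile that carries many custom claims.
SAMPLE_AUTH = {
  provider: 'auth0',
  uid: 'google-oauth2|this-is-the-google-id',
  info: { name: 'John Foo', email: 'johnfoo@example.org', nickname: 'john' },
  credentials: { token: 'x' * 40, id_token: 'y' * 900, expires: true },
  extra: { raw_info: { name: 'John Foo', app_metadata: { roles: ['r' * 20] * 200 } } }
}.freeze

if __FILE__ == $PROGRAM_NAME
  slim = minimal_session_user(SAMPLE_AUTH)
  puts "full hash fits: #{fits_cookie?(SAMPLE_AUTH)}"
  puts "slim hash fits: #{fits_cookie?(slim)}"
end
```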

## Documentation

For more information about [Auth0](http://auth0.com), see our [documentation page](http://docs.auth0.com/).

## Issue Reporting

If you have found a bug or have a feature request, please report it in this repository's issues section. Please do not report security vulnerabilities on the public GitHub issue tracker. The [Responsible Disclosure Program](https://auth0.com/whitehat) details the procedure for disclosing security issues.

## Author

[Auth0](https://auth0.com)

## License

This project is licensed under the MIT license. See the [LICENSE](LICENSE) file for more info.