Top Menu

Jump to content
Home
    • Projects
    • Work packages
    • News
    • Getting started
    • Introduction video
      Welcome to OpenProject Community
      Get a quick overview of project management and team collaboration with OpenProject. You can restart this video from the help menu.

    • Help and support
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Professional support

    • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation
  • Sign in
      Forgot your password?
      Create a new account

      or sign in with your existing account

      Google

Side Menu

  • Overview
  • Activity
  • Roadmap
  • Work packages
  • Calendars
  • Team planners
  • Boards
  • Forums
  • Wiki
    • Table of contents
      • Expanded. Click to collapseCollapsed. Click to showDeveloper
        • Hierarchy leafAccessibility Checklist
        • Hierarchy leafCode Review Guidelines
        • Expanded. Click to collapseCollapsed. Click to showContribution
          • Hierarchy leafGit Workflow
          • Hierarchy leafTranslations
        • Expanded. Click to collapseCollapsed. Click to showDeveloping Plugins
          • Hierarchy leafDeveloping an OmniAuth Authentication Plugin
        • Hierarchy leafRelease Process
        • Hierarchy leafReport a bug
        • Hierarchy leafSecurity
        • Hierarchy leafSetting up an OpenLDAP server for testing
        • Hierarchy leafTheme Features
      • Hierarchy leafDownload
      • Expanded. Click to collapseCollapsed. Click to showFeature tour
        • Hierarchy leafRelease Notes OpenProject 30
        • Expanded. Click to collapseCollapsed. Click to showRelease Notes OpenProject 30 - Overview
          • Hierarchy leafGlossary
          • Hierarchy leafRelease Notes - Accessibility
          • Hierarchy leafRelease Notes - Accessibility changes
          • Hierarchy leafRelease Notes - Add work package queries as menu items to sidebar
          • Hierarchy leafRelease Notes - Copy projects based on Templates
          • Hierarchy leafRelease Notes - Design changes
          • Hierarchy leafRelease Notes - Fixed Bugs
          • Hierarchy leafRelease Notes - Keyboard Shortcuts
          • Hierarchy leafRelease Notes - Project settings
          • Hierarchy leafRelease Notes - Ruby&Rails Update
          • Hierarchy leafRelease Notes - Security
          • Hierarchy leafRelease Notes - Timelines
          • Hierarchy leafRelease Notes - Work packages
      • Hierarchy leafHowto create animated gifs
      • Hierarchy leafMigration Squashing
      • Hierarchy leafMod security
      • Hierarchy leafNew work package page
      • Hierarchy leafOP3 to OP4 Debian upgrade
      • Hierarchy leafOP4 Ubuntu1404 Stable with MySQL in production
      • Hierarchy leafOpenProject 40 Development Setup
      • Expanded. Click to collapseCollapsed. Click to showOpenProject Foundation
        • Hierarchy leafBoards
        • Hierarchy leafMembers
        • Hierarchy leafOPF-Meetings
        • Hierarchy leafStatutes
      • Expanded. Click to collapseCollapsed. Click to showRelease Notes
        • Hierarchy leafOpenProject released on Bitnami
      • Expanded. Click to collapseCollapsed. Click to showRelease Notes OpenProject 40 - Overview
        • Hierarchy leafRelease Notes OpenProject 40 - Accessibility improvements
        • Hierarchy leafRelease Notes OpenProject 40 - Column header functions in work package table
        • Hierarchy leafRelease Notes OpenProject 40 - Improved Design
        • Hierarchy leafRelease Notes OpenProject 40 - Integrated query title on work package page
        • Hierarchy leafRelease Notes OpenProject 40 - Integrated toolbar on work package page
        • Hierarchy leafRelease Notes OpenProject 40 - OmniAuth integration for OpenProject
        • Hierarchy leafRelease Notes OpenProject 40 - Work package details pane
      • Expanded. Click to collapseCollapsed. Click to showSecurity and privacy
        • Hierarchy leafFAQ
      • Expanded. Click to collapseCollapsed. Click to showSupport
        • Expanded. Click to collapseCollapsed. Click to showDownload and Installation
          • Hierarchy leafInstallation MacOS
          • Expanded. Click to collapseCollapsed. Click to showInstallation OpenProject 3 0
            • Hierarchy leafDebian Stable with MySQL in production
            • Hierarchy leafInstallation Ubuntu
            • Hierarchy leafInstallation Windows
            • Hierarchy leafInstallation on Centos 65 x64 with Apache and PostgreSQL 93
          • Expanded. Click to collapseCollapsed. Click to showInstallation OpenProject 40
            • Hierarchy leafOP4 Debian Stable with MySQL in production
          • Expanded. Click to collapseCollapsed. Click to showMigration paths
            • Hierarchy leafFrom Chilliproject to OpenProject
            • Hierarchy leafMigration 15 to 30
            • Hierarchy leafMigration 24 to 30
            • Hierarchy leafMigration Redmine 2x › OpenProject 30
            • Hierarchy leafOpenProject 3 Migration
          • Hierarchy leafOpenProject 40
        • Expanded. Click to collapseCollapsed. Click to showNews
          • Hierarchy leafNew OpenProject Translations Plugin
          • Hierarchy leafNew Plugin on OpenProjectorg Local Avatars
          • Hierarchy leafNew design for OpenProject
          • Hierarchy leafNews Accessibility workshop for OpenProject
          • Hierarchy leafNews Glossary for OpenProject
          • Hierarchy leafNews Heartbleed fixed
          • Hierarchy leafNews Icon Fonts
          • Hierarchy leafNews OpenProject 30 Release
          • Hierarchy leafNews Release GitHub Integration Plugin
          • Hierarchy leafNews Success Story Deutsche Telekom
          • Hierarchy leafNews Timelines
          • Hierarchy leafOpenProject 3013 released
          • Hierarchy leafOpenProject 3017 released
          • Hierarchy leafOpenProject 40 released
          • Hierarchy leafOpenProject 40 will be coming soon
          • Hierarchy leafOpenProject 405 released
          • Hierarchy leafOpenProject and pkgrio
          • Hierarchy leafOpenProject news moved to a new blog
          • Hierarchy leafOpenProjectBitnami
          • Hierarchy leafPackager version with plugins released ("Community edition")
          • Hierarchy leafRegistration OpenProject-Foundation
          • Hierarchy leafRelease OpenProject AuthPlugins
          • Hierarchy leafUpdates on OpenProject
          • Hierarchy leafWe need your feedback for the the new fullscreen view for work packages
        • Hierarchy leafOpenProject Plug-Ins
      • Hierarchy leafWiki
You are here:
  • Forums
  • Plugins

Content

OmniAuth: attribute hash changes for a single provider

Added by Oliver Günther over 8 years ago

For the deployment of the OmniAuth CAS Provider for our use case, I had to patch the core Concerns::OmniauthLogin to override the user attributes build process,
as the login name corresponds to the user’s mail adress, instead of the actual username.

The attributes retrieved from Concerns::OmniauthLogin.omniauth_hash_to_user_attributes are, as I see it, hardcoded:

  def fill_user_fields_from_omniauth(user, auth)
    user.update_attributes omniauth_hash_to_user_attributes(auth)
    user.register
    user
  end

  def omniauth_hash_to_user_attributes(auth)
    info = auth[:info]
    {
      login:        info[:email],
      mail:         info[:email],
      firstname:    info[:first_name] || info[:name],
      lastname:     info[:last_name],
      identity_url: identity_url_from_omniauth(auth)
    }
  end

The patch of omniauth_hash_to_user_attributes is documented at Github

—

Apart from the aforementioned method chaining, is there another way (that I’ve missed) to override the user hash build process from omniauth attributes?
If not, I’d like to discuss on how (or rather, where) this could be integrated. I propose the option to add a callback/observer similar to OmniAuth::Authorization, just like the authorize_user and after_login callbacks provided there. Is this something the team would integrate to the core if I provide the implementation?

Best,
Oliver


Replies (9)

RE: OmniAuth: attribute hash changes for a single provider - Added by Markus Kahl over 8 years ago

Hey Oliver,

you haven’t missed anything. There’s no other way to do it right now.
Yes, it would be good to provide one and we would gladly accept any contribution you make.
I’m not sure if OmniAuth::Authorization is the right place, though.
I mean, conceptually, this is not a problem specifically with regard to authorization, but in general how to map user data.

So we might want to think about alternatives here.

Best,
Markus

RE: OmniAuth: attribute hash changes for a single provider - Added by Oliver Günther over 8 years ago

Thanks for the clarification, Markus! :) I didn’t quite mean to put it into Authorization, I was missing a ‘similar’ in my previous post.. oops.

Maybe there’s a way to include this with the Provider registration (i.e. In the Auth Plugins) so to tie Provider definitition and attribute mapping to one location.

Best,
Oliver

RE: OmniAuth: attribute hash changes for a single provider - Added by Markus Kahl over 8 years ago

Doing it in the provider registration is a good idea!

RE: OmniAuth: attribute hash changes for a single provider - Added by Oliver Günther over 8 years ago

I’ve created a work package on openproject.org and two Pull Requests (openproject-auth_plugins, openproject) that implement this feature.

If there is a prettier way than a block to allow custom mappings (even with :extra and :raw_info in the AuthHash), let me know ;)

RE: OmniAuth: attribute hash changes for a single provider - Added by Markus Kahl over 8 years ago

Good job! I haven’t had a time to give it a thorough look yet, but what I saw looked great.
Just tests are missing. Would you mind writing some?

RE: OmniAuth: attribute hash changes for a single provider - Added by Oliver Günther over 8 years ago

I’ve added specs to both pull requests. Do you have an officially defined code measure for spec coverage? If not, just drop me a note If you see something missing in the specs.

RE: OmniAuth: attribute hash changes for a single provider - Added by Markus Kahl over 8 years ago

I’ve looked at the PRs and they look good. I will merge them as soon as I’m allowed to (currently the plugin dev branch is frozen, but tomorrow I should be able to do it).

RE: OmniAuth: attribute hash changes for a single provider - Added by Markus Kahl over 8 years ago

Also: We have no officially defined coverage requirements that I know of. The specs look good either way.
Thanks for your contribution!

RE: OmniAuth: attribute hash changes for a single provider - Added by Philipp Tessenow over 8 years ago

As we all agree that Oliver’s change is good, I have merged the pull requests. Thanks!

  • (1 - 9/9)
Loading...