History
We are implementing Single Sign-on(SSO) for one of our clients’ projects at scalereal. So, we compared various Single Sign-on(SSO) providers such as AWS-Cognito, Auth0 and Okta eventually we decided to use Okta as it was most suitable for our needs.
What is Okta ??
It’s a SaaS product that provides cloud software that helps companies manage and secure user authentication into modern applications, and for developers to build identity controls into applications, website web services and devices.
Before going ahead create a developer account on Okta
Basic flow okta with devise app
This is the basic flow of our rails app. we are moving step by step to integrate okata to a rails application
1. Create a Rails App with PostgreSQL or MySQL
rails new your_app_name -T -d postgresql
2. Add following gem to Gemfile
we are going to use omniauth-oktaoauth for Strategy to authenticate with Okta via OAuth2 in OmniAuth, activerecord-session_store for handling sessions and devise for handling login scenarios.
Then Run command bundle install
3. Install Devise
$ rails generate devise:install
At this point, a number of instructions will appear in the console. Among these instructions, you’ll need to set up the default URL options for the Devise mailer in each environment. Here is a possible configuration for config/environments/development.rb
config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }
Now, create a model rails generate devise User Add few columns to users table,
rails g migration AddOminiauthToUsers provider:index uid:index
Before migrating database, create a table active_record session migration
rails g active_record:session_migration
Great, we added all the necessary things, Now fire rake db:migrate
4. Build Authentication
Next, create a config/application.yaml file to populate all necessary environment variables.
bundle exec figaro install
Once your Okta account has been created, you’ll need to copy some Okta values into environment variables for Rails to use. Edit the newly generated config/application.yml and add the following values from your Okta tenant.
Once you are done with adding Okta environment variables, let’s add it to our Devise. Edit devise.rb and configure omniauth authentication
Now we should able to connect Devise to Okta.
5. Make Application Working
So up-to this we configure devise with Okta, Now Let’s make our application working.
Create users/ominiauth_callbacks_controller.rb
In this, we are handling sessions and handling env[“omniauth.auth”] which is having Okta credentials.
And then add method from_omniauth in user.rb model
Make sure you are adding Devise with omniauthable with provider oktaoauth
Edit routes.rb like below
Basically I create home_controller.rb for root index,
well user_is_logged_in? the method is missing ?? write that method in application_controller.rb
Now if you start server localhost:3000 you should redirect to Okta login screen like below.
After login, it’ll redirect to OKTA_REDIRECT_URI and the session will be created.
We have successfully implemented Okta with Devise Gem. If you lost somewhere please refer my GitHub repo here
At Scalereal We believe in Sharing and Open Source.
So, If you found this helpful please give some claps 👏 and share it with everyone.
Sharing is Caring!
Thank you ;)