Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Restrict Login with Google OAuth2.0 to Specific Whitelisted Domain Name on Ruby

Tags:

ruby-on-rails

oauth-2.0

devise

EDIT: I changed how I'd like to do this I think I will use a MySQL table to whitelist the devise logins using google. The changed question is posted here: Restrict Login with Google OAuth2.0 and Devise to Specific Whitelist Table using Ruby

Alright so I am trying to get restricted authentication for my ruby on rails website using Devise and Omni-Auth2 and only google. Everything is working so far, but I only want emails coming from a certain domain to be accepted. I am open to anyway to do this.

I have done some googling but it seems some PHP users have a bit more local files than I do, maybe because of using the google API client locally? I'm not exactly sure, as I am quite new to coding in general and surprised I made it this far.

Here is an example: Google Oauth2.0 with Python: How do I limit access to a specific domain?

And here: Restrict Login Email with Google OAuth2.0 to Specific Domain Name

Both seem to use the "hd:domain" or something similar, but there seems to be issues with that plus I'm not sure how I would impliment it in my app.

Now for some more info, I am only using the gem devise and omniauth-google-oauth2 (https://github.com/zquestz/omniauth-google-oauth2) I feel like theres a way to do it with that gem but still not entirely sure. Any help would be appreciated if I can post any more info let me know.

My omniauth_callbacks_controller:

class User::OmniauthCallbacksController < Devise::OmniauthCallbacksController
  def google_oauth2
    # You need to implement the method below in your model (e.g. app/models/user.rb)
    @user = User.find_for_google_oauth2(request.env["omniauth.auth"], current_user)

    if @user.persisted?
      flash[:notice] = I18n.t "devise.omniauth_callbacks.success", :kind => "Google"
      sign_in_and_redirect @user, :event => :authentication
    else
      session["devise.google_data"] = request.env["omniauth.auth"]
      redirect_to new_user_registration_url
    end
  end
end
like image 788
Preston M Avatar asked Apr 25 '14 13:04

Preston M

1 Answers

I know this question is old but answering it just for reference. You need to change config/initializer/omniauth.rb and add "hd" to provider.

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :google_oauth2, ENV["google_client_id"], ENV["google_client_secret"],
           {
               hd: 'domain.com'
           }
end
like image 143
sadaf Avatar answered Oct 29 '22 15:10

sadaf
Sign in to Comment

Related questions

On deciding how heavily to use client side code [closed]
Rails - Postgres - could not connect to server: Connection refused (PG::ConnectionBad)
Strong parameters permit Array of Arrays
Rails select in scope
How to Structure Multiple Levels of Hierarchy in Ruby on Rails?
warden authenticate recall not getting called
How to test for mass assignment errors in Rspec and Rails 4?
When Capistrano3 does mkdir, permission denied
Paper_trail and Rails_Admin: NameError - uninitialized constant Version
Bad Authentication Error Rails connecting to google drive
Asset pipeline route helpers resolving to wrong URL or Path
Will Rails 3.2 be still supported after the 4.1 release?
Interpolation in I18n array
rspec controller testing, Expected response to be a <redirect>, but was <200>
Truncate & Simple Format String in Ruby on Rails
Angular + Rails + Routing?
Undefined method '+' for Rspec. What does it mean? [closed]
Proper method for committing schema.rb
How to change a route name rails 4
Docker: Is the server running on host "localhost" (::1) and accepting TCP/IP connections on port 5432?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!