Okta <> Devise Ruby on Rails
In this article, I’m going to show you how to do Simple Authentication with Okta using Devise gem.
History
We are implementing Single Sign-on(SSO) for one of our clients’ projects at scalereal. So, we compared various Single Sign-on(SSO) providers such as AWS-Cognito, Auth0 and Okta eventually we decided to use Okta as it was most suitable for our needs.
What is Okta ??
It’s a SaaS product that provides cloud software that helps companies manage and secure user authentication into modern applications, and for developers to build identity controls into applications, website web services and devices.
Before going ahead create a developer account on Okta.
This is the basic flow of our rails app. we are moving step by step to integrate okata to a rails application
1. Create a Rails App with PostgreSQL or MySQL
rails new your_app_name -T -d postgresql2. Add following gem to Gemfile
we are going to use omniauth-oktaoauth for Strategy to authenticate with Okta via OAuth2 in OmniAuth, activerecord-session_store for handling sessions and devise for handling login scenarios.
Then Run command bundle install
3. Install Devise
$ rails generate devise:installAt this point, a number of instructions will appear in the console. Among these instructions, you’ll need to set up the default URL options for the Devise mailer in each environment. Here is a possible configuration for config/environments/development.rb
config.action_mailer.default_url_options = { host: 'localhost', port: 3000 }Now, create a model rails generate devise User
Add few columns to users table,
rails g migration AddOminiauthToUsers provider:index uid:indexBefore migrating database, create a table active_record session migration
rails g active_record:session_migrationGreat, we added all the necessary things,
Now fire rake db:migrate
4. Build Authentication
Next, create a config/application.yaml file to populate all necessary environment variables.
bundle exec figaro installOnce your Okta account has been created, you’ll need to copy some Okta values into environment variables for Rails to use. Edit the newly generated config/application.yml and add the following values from your Okta tenant.
Once you are done with adding Okta environment variables, let’s add it to our Devise. Edit devise.rb and configure omniauth authentication
Now we should able to connect Devise to Okta.
5. Make Application Working
So up-to this we configure devise with Okta, Now Let’s make our application working.
Create users/ominiauth_callbacks_controller.rb
ominiauth_callbacks_controller.rbIn this, we are handling sessions and handling env["omniauth.auth"] which is having Okta credentials.
And then add method from_omniauth in user.rb model
Make sure you are adding Devise with omniauthable with provider oktaoauth
Edit routes.rb like below
Basically I create home_controller.rb for root index,
well user_is_logged_in? the method is missing ??
write that method in application_controller.rb
Now if you start server localhost:3000 you should redirect to Okta login screen like below.
After login, it’ll redirect to OKTA_REDIRECT_URI and the session will be created.
We have successfully implemented Okta with Devise Gem. If you lost somewhere please refer my GitHub repo here.
At Scalereal We believe in Sharing and Open Source.
So, If you found this helpful please give some claps 👏 and share it with everyone.
Sharing is Caring!
Thank you ;)
