User:Sanchezl/OmniAuth
OmniAuth is an authentication library written in Ruby under MIT License.[1] OmniAuth is used to enable third party authentication in Ruby on Rails applications. As of September 2015, OmniAuth supported authentication via 218 specific service providers[2]. In addition to the specific service providers, 13 generic authentication plugins are also provided.[2]
History
[edit]While working at Intridea, Micheal Bleigh started developing OmniAuth in 2008.[1][3] OmniAuth version 1.0 was released in November of 2011.[4] The latest release of OmniAuth, version 1.2.2, was tagged on July 9, 2014.[5]
Strategies
[edit]OmniAuth referes to the plugins that provide authentication via authentication providers as strategies. Strategies are further categorized into provider strategies and developer strategies.
Provider Strategies
[edit]Provider strategies enable authentication to a specific authentication provider. Some example provider strategies are:
- GitHub
- Windows Live ID
As of September 2015, over 200 provider strategies are listed in List of Strategies topic on the OmniAuth wiki.
Developer Strategies
[edit]Developer strategies enable authentication to providers that conform to open or well known standards. Most of the specific provider strategies are customized versions of one of the developer strategies.
- Central Authentication Service (CAS) [1]
- Basic access authentication [2]
- Kerberos [3]
- Lightweight Directory Access Protocol (LDAP) [4]
- OAuth [5]
- OAuth2 [6]
- OpenID [7]
- OpenAM [8]
- Security Assertion Markup Language (SAML) [9]
- Shibboleth [10]
- WS-Federation [11]
- Active Directory Federation Services (ADFS) [12]
More details on the developer strategies are listed in List of Strategies topic on the OmniAuth wiki.
Custom Strategies
[edit]If none of the packaged strategies meet a user's need, OmniAuth provides an SPI that anyone can extend to create their own strategy.[6]
Ruby on Rails Integration
[edit]Integrating OmniAuth into a Rails application that follows the standard authentication pattern for a Rails application is simply a matter of: (1) initialize an OmniAuth::Builder with your authentication provider details, (2) route login requests to /auth/:provider
instead of your own login page, and (3) route /auth/:provider/callback
to a controller action that initializes your user session (e.g. sessions#create
).[7][8]
References
[edit]- ^ a b "Home Page". OmniAuth. Retrieved 17 September 2015.
- ^ a b "List of Strategies". GitHub. Retrieved 17 September 2015.
- ^ "Micheal Bleigh". Intridea. Retrieved 17 September 2015.
- ^ Bleigh, Michael (2 November 2011). "OmniAuth 1.0: Auth for All". Intridea Blog. Retrieved 17 September 2015.
- ^ "omniauth Releases". GitHub. Retrieved 17 September 2015.
- ^ "Strategy Contribution Guide". GitHub. Retrieved 26 September 2015.
- ^ "OmniAuth Wiki". GitHub. Retrieved 16 September 2015.
- ^ "OmniAuth README.md". GitHub. Retrieved 16 September 2015.