Closed brucellino closed 7 years ago
Bruce, can you clarify? omniauth-orcid
is not a Rails application/engine.
Hi @mfenner my apologies for being vague.
I am trying to use orcid as an identity provider for a Rails app I'm working on. The idea is just to get the ORCID if the user.
I was following https://github.com/datacite/omniauth-orcid#rails trying to use this to do the authentication.
It's more a question than a bug - since there was a section on how to use the gem for rails, I thought I would report my experience following the README. The README has the line to MATCH a route, but that syntax is deprecated apparently in Rails 5. I'll be quite happy with "go do rails somewhere else" ;) Just wanted to leave a trail for the next person.
Or, I could just add a comment to the README ?
Thanks Bruce. DataCite is using omniauth-orcid
in a Rails app, so this is the right place to open the issue. What we are doing in routes.rb
at https://profiles.datacite.org is here: https://github.com/datacite/volpino/blob/master/config/routes.rb#L4-L12. Which looks slightly different, as we are using devise
on top of omniauth
. I hope our source code can give you some good ideas, but I should definitely update the documentation.
Thanks a lot Martin - I am also trying to use devise. I'll take a look at the link. We can close this in the meantime.
Great. One more thing: we had a number of discussions in the THOR project in the past few months about the role of ORCID as identity provider, and it is complicated (@TomDemeranville is the best person to ask more detailed questions). My conclusion for now is to use ORCID as one of several third-party login options, but require the ORCID ID for every account created. Using ORCID as the only login option is probably fine, but strictly speaking ORCID will not guarantee 24/7 uptime (and having a single third-party login as the only login option is probably not a good idea anyway).
Yes, I'm aware of the complications, and the "wrongness" of using ORCID to log in directly. For now, I'm just trying to finish a toy version of this app.
Indeed, I'm not after the identity of the person, but their ORCID. I do want to get it from their ORCID profile, rather than their ORCID identity (if that makes sense...), and get around the problem of self-assertion.
So the idea is that they would log into the app using their university IdP, then allow the application to read their public ORCID
@TomDemeranville I guess a proper discussion will be necessary when we get there...
Thanks @brucellino, this makes sense.
It seems that the match method has been deprecated. When I use this example in my app (Rails 5.0.0.1) , indeed I get an error :
(full output below)
If I add the GET and POST routes individually, the server starts - haven't checked if the actual auth works.
Is there support for Rails 5 ?
Thanks ! Bruce
Full output