Closed hartsick closed 2 years ago
Running notes while developing. Any action items were captured as checkboxes, and any takeaways surfaced to main writeup above.
bin/setup
and commitmanifest.yml
and Procfile
based on sample appcf marketplace
within sandbox space, provision small postgres database with: cf create-service aws-rds small-psql rails-postgres
cf push explore-ial2 --random-route
**ERROR** Unable to determine ruby: Unable to determine ruby version: Running ruby: No Matching versions, ruby = 2.7.1 not found in this buildpack
2.7.4
rails webpack:install
, which isn't included in bin/setup
, and commit. At this point deploy succeededurn:gov:gsa:openidconnect.profiles:sp:sso:tts_future:cloud_login_iaml2_test
, no redirect URIs to startconfig/private.pem
, since the private key would then be committed. Should add a note about handling as a secret?omniauth.rb
as suggested by the Login docs, Devise ignores the provider registration (it has its own in devise.rb
, but I'm not sure how to make work with Login provider)auth/login_dot_gov
, not auth/logindotgov
as stated)gem "omniauth-rails_csrf_protection"
to addressname: :logindotgov
if /auth/logindotgov/callback
).Throwaway repo (cc @rahearn): https://github.com/hartsick/effective-engine
Charter
Explore creating a minimal hosted Rails application that uses verified proofed user attributes With login.gov and cloud.gov To discover developer experience of integrating these services
Intended approach:
Clean up:
Not in scope: Graceful handling of unauthenticated users or users that have only proofed at IAL1
Note: Since this isn't meant to deliver user value or necessarily turn into something we use in the production application, I wrote this as an exploratory charter—if we find this issue format useful, can make into a template!
Findings
Resources
TTS GIthub orgs
Reference applications
I asked in Slack if anyone had suggestions of reference applications using Ruby/Rails, hosted in Cloud.gov, and using Login.gov ideally at IAL2 level. Here are some that were referenced:
Things found:
Developer documentation
Developer experience notes