
OmniAuth Shibboleth strategy configuration not passed through


I'm trying to make use of omniauth-shibboleth strategy (with rack-saml).

My omniauth initializer looks like this:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :shibboleth, {
    :info_fields => {
      :email => 'mail',
    },
    :extra_fields => [:cn, :sn, :schacHomeOrganization],
  }
end

Everything is successful up to the point where omniauth-shibboleth should set up the omniauth.auth ENV variable, but this ends up partial.

Namely - it does detect eduPersonPrincipalName and passes it to the uid field correctly - I can see it.

But it fails to fill in email, and the extra parameters cn, sn, schacHomeOrganization.

I have verified that the request.env does contain all of the required attributes, so the problem is not on the Shibboleth side.

For debugging, I hardcoded the options in Gem file lib/omniauth/strategies/shibboleth.rb:

  option :info_fields, {:email => 'mail'}
  option :extra_fields, [:cn, :sn, :schacHomeOrganization]

Then everything works.

So, there seems to be a problem either with my Omniauth setup or with the way omniauth-shibboleth handles the options, so that my configuration does not end up merged with default values.

What am I doing wrong?

Versions:

omniauth - 1.1.1
omniauth-shibboleth - 1.0.8
rack-saml - 0.0.4

pow - 0.4.0

Solution

  • It turned out that Devise handles Omniauth initialization itself and while I could use config/initializers/omniauth.rb to toggle :debug => true, Devise overrode any other options I had set.

    So the correct place to configure Omniauth strategies while using Devise is in config/initializers/devise.rb:

    config.omniauth :shibboleth, {:uid_field => 'eppn',
                         :info_fields => {:email => 'mail', :name => 'cn', :last_name => 'sn'},
                         :extra_fields => [:schacHomeOrganization]
                  }
    

    Previously I thought that that line only hints to Devise which strategy is the default.
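
A callback-side check for the failure described in this thread, as an added example that is not part of the original question or answer: it lists which expected attributes are missing from the auth hash, so the application can refuse the login instead of provisioning an account with blank identity fields. The field list follows the devise.rb configuration above; the `extra.raw_info` location, the function names and the sample hashes are assumptions made for illustration.

```ruby
# Added example: fail closed when omniauth.auth arrives only partially filled.
# REQUIRED mirrors the fields configured in the answer's devise.rb. That
# extra_fields land under 'extra' => 'raw_info' is an assumption about the
# strategy's output; confirm it against a real callback before relying on it.
REQUIRED = {
  'info'  => %w[email name last_name],
  'extra' => %w[schacHomeOrganization]
}.freeze

# Hypothetical helper: true for nil, empty and whitespace-only values.
def blank_value?(value)
  value.nil? || value.to_s.strip.empty?
end

# Returns dotted paths of required attributes that are absent or blank.
# `auth` is a plain Hash with string keys (assumed to come from
# request.env['omniauth.auth'].to_hash in the callback controller).
def missing_auth_fields(auth, required = REQUIRED)
  missing = []
  missing << 'uid' if blank_value?(auth['uid'])
  info = auth['info'] || {}
  required['info'].each { |k| missing << "info.#{k}" if blank_value?(info[k]) }
  raw = (auth['extra'] || {})['raw_info'] || {}
  required['extra'].each do |k|
    missing << "extra.raw_info.#{k}" if blank_value?(raw[k])
  end
  missing
end

# Constructed sample: the symptom from the question (uid set, the rest empty).
PARTIAL = { 'provider' => 'shibboleth', 'uid' => 'user@example.org',
            'info' => {}, 'extra' => { 'raw_info' => {} } }.freeze

# Constructed sample: a fully populated hash for the answer's configuration.
COMPLETE = { 'provider' => 'shibboleth', 'uid' => 'user@example.org',
             'info' => { 'email' => 'user@example.org', 'name' => 'Example User',
                         'last_name' => 'User' },
             'extra' => { 'raw_info' => { 'schacHomeOrganization' => 'example.org' } }
           }.freeze

if __FILE__ == $PROGRAM_NAME
  { 'partial' => PARTIAL, 'complete' => COMPLETE }.each do |label, auth|
    gaps = missing_auth_fields(auth)
    puts "#{label}: #{gaps.empty? ? 'ok' : "reject, missing #{gaps.join(', ')}"}"
  end
end
```

In a Rails callback action the same function can gate account creation: log the returned paths and redirect to a failure page when the list is not empty.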