Client Init - nov/openid_connect GitHub Wiki

NOTE

The openid_connect gem is based on the rack-oauth2 gem, so client initialization basically follows the rack-oauth2 style.

Minimum Setting

client = OpenIDConnect::Client.new(
  identifier: YOUR_CLIENT_ID,
  secret: YOUR_CLIENT_SECRET,
  redirect_uri: YOUR_REDIRECT_URI,
  host: 'server.example.com'
)

The rack-oauth2 gem uses /oauth2/authorize and /oauth2/token as default paths. In addition, the openid_connect gem adds /userinfo as the default UserInfo endpoint path. In the above case, the client uses

  • https://server.example.com/oauth2/authorize as Authorization Endpoint
  • https://server.example.com/oauth2/token as Token Endpoint
  • https://server.example.com/userinfo as UserInfo Endpoint

If your client is a Public Client, omit secret.

Customization

You can optionally specify authorization_endpoint, token_endpoint and/or userinfo_endpoint as absolute/relative URLs.

If any of the 3 endpoints has a different host component from the others, specify absolute URLs for each. In that case, you can omit the host param.

client = OpenIDConnect::Client.new(
  identifier: YOUR_CLIENT_ID,
  secret: YOUR_CLIENT_SECRET,
  redirect_uri: YOUR_REDIRECT_URI,
  authorization_endpoint: 'https://server.example.com/authorize',
  token_endpoint: 'https://auth.server.example.com/tokens',
  userinfo_endpoint: 'https://api.server.example.com/userinfo'
)

If all 3 endpoints have the same host component, but the paths don't match the rack-oauth2 defaults, specify relative URLs for those 3. In this case, you need to specify the host param too.

client = OpenIDConnect::Client.new(
  identifier: YOUR_CLIENT_ID,
  secret: YOUR_CLIENT_SECRET,
  redirect_uri: YOUR_REDIRECT_URI,
  host: 'connect-op.herokuapp.com',
  authorization_endpoint: '/authorizations/new',
  token_endpoint: '/access_tokens',
  userinfo_endpoint: '/user_info'
)
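
The client secret and authorization code go to the Token Endpoint and the access token goes to the UserInfo Endpoint, so it is worth confirming which URLs a set of options resolves to before using them. The following is an added example, not code from openid_connect or rack-oauth2: it applies the default-path and absolute/relative rules described on this page and flags non-https or unexpected hosts. The helper names, the allowed-host list and the assumption that relative paths are joined to host over https are illustrative.

```ruby
require 'uri'

# Default paths as stated on this page (rack-oauth2 defaults plus the
# UserInfo path added by openid_connect).
DEFAULT_PATHS = {
  authorization_endpoint: '/oauth2/authorize',
  token_endpoint:         '/oauth2/token',
  userinfo_endpoint:      '/userinfo'
}.freeze

# Hypothetical helper (not part of either gem): works out which URL each
# endpoint setting resolves to under the rules described on this page.
# Assumption: relative paths are joined to the host over https.
def effective_endpoints(settings)
  DEFAULT_PATHS.each_with_object({}) do |(name, default_path), resolved|
    value = settings.fetch(name, default_path)
    uri = URI.parse(value)
    if uri.absolute?
      resolved[name] = uri.to_s
    else
      host = settings[:host]
      raise ArgumentError, "#{name} is relative (#{value}) but no host is set" if host.nil? || host.empty?
      resolved[name] = URI::HTTPS.build(host: host, path: value).to_s
    end
  end
end

# Hypothetical pre-flight check: returns a list of problems to fix before
# the settings are handed to OpenIDConnect::Client.new.
def endpoint_problems(settings, allowed_hosts)
  effective_endpoints(settings).flat_map do |name, url|
    uri = URI.parse(url)
    problems = []
    problems << "#{name} is not https: #{url}" unless uri.scheme == 'https'
    problems << "#{name} host #{uri.host} is not an expected host" unless allowed_hosts.include?(uri.host)
    problems
  end
end

# Constructed sample settings mirroring the three cases on this page.
MINIMUM  = { host: 'server.example.com' }.freeze
SPLIT    = { authorization_endpoint: 'https://server.example.com/authorize',
             token_endpoint: 'https://auth.server.example.com/tokens',
             userinfo_endpoint: 'https://api.server.example.com/userinfo' }.freeze
RELATIVE = { host: 'connect-op.herokuapp.com',
             authorization_endpoint: '/authorizations/new',
             token_endpoint: '/access_tokens',
             userinfo_endpoint: '/user_info' }.freeze
```

With an allow-list containing only server.example.com, the split-host settings report the token and UserInfo hosts as unexpected, which is the prompt to confirm those hosts really belong to your provider.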