Reputation:
Implement Oauth2 together with own app
I have an application using Devise. And I want to use OAuth2 in my API for authentication.
- Is it possible to implement OAuth2 without using Doorkeeper, OmniAuth etc?
- How could I implement OAuth2 in my app because it must provide 'client_id', 'client_secret', :site?
Upvotes: 0
Views: 188
Answers (1)
Reputation: 11813
Is it possible to implement OAuth2 without using Doorkeeper, OmniAuth etc?
Yes, of course. But you would have to do all the work yourself based on the oAuth 2.0 standard. You can read the specification on what you have to do here.
How could I implement OAuth2 in my app because it must provide 'client_id', 'client_secret', :site?
Read the oAuth 2.0 specs and implement them using standard Rails code. But, it would be much easier to just use existing gems. Also, it is better to use existing well maintained and popular gems, because oAuth2 standard has couple of nuances like setting random "state" while getting a request token. If not considered, that might lead to MiM attacks.
Upvotes: 1
Related Questions
- Google OAuth 2 authorization - Error: redirect_uri_mismatch
- How to authenticate SPA users using oAuth2?
- How to implement PKCE OAuth2 with React and Doorkeeper?
- How can I create a register endpoint with client_id and client_Secret of oauth2 in djangorestframework?
- integrate only oauth2 in rails app without doorkeeper
- Oauth2 provider (Doorkeeper?) being an Oauth2 consumer (Devise+OmniAuth) for login
- oAuth2 login on the api for web app in ruby on rails using doorkeeper with the help of devise