Switching Between Web and Touch Interfaces on Facebook Login Using Omniauth and Rails 3

  • Home
  • Languages
  • Ruby
  • Switching Between Web and Touch Interfaces on Facebook Login Using Omniauth and Rails 3

Switching between web and touch interfaces on Facebook login using Omniauth and Rails 3

Actually, since OmniAuth::Strategies are already Rack middleware, its even simpler. Just override the request_phase method and check the @env instance variable present in the strategy for a mobile user_agent:

module OmniAuth
  module Strategies
    class Facebook < OAuth2

      MOBILE_USER_AGENTS =  'webos|ipod|iphone|mobile'

      def request_phase
        options[:scope] ||= "email,offline_access"
        options[:display] = mobile_request? ? 'touch' : 'page'
        super
      end

      def mobile_request?
        ua = Rack::Request.new(@env).user_agent.to_s
        ua.downcase =~ Regexp.new(MOBILE_USER_AGENTS)
      end

    end
  end
end

Incremental OAuth consent with Microsoft Graph api

The Azure AD V2.0 endpoint already support incremental and dynamic consent. You can register the app to use Azure AD V2.0 authentication endpoint from here.

We can provide two buttons for normal users and admin to login in. Here are the steps using V2.0 endpoint for normal users to login for your reference:

1.sign in and get OAuth Code:

GET: https://login.microsoftonline.com/common/oauth2/v2.0/authorize?client_id={clientId}&scope=openid%20https%3A%2F%2Fgraph.microsoft.com%2FMail.ReadWrite%20https%3A%2F%2Fgraph.microsoft.com%2FUser.ReadBasic.All%20https%3A%2F%2Fgraph.microsoft.com%2FUser.Read&response_type=code+id_token&&redirect_uri={redirectUri}&nonce=678910

2.Request for the Access token

POST: https://login.microsoftonline.com/common/oauth2/v2.0/token

client_id={clientId}&scope=openid%20https%3A%2F%2Fgraph.microsoft.com%2FMail.ReadWrite%20https%3A%2F%2Fgraph.microsoft.com%2FUser.ReadBasic.All%20https%3A%2F%2Fgraph.microsoft.com%2FUser.Read
&code={codeFromPreviousRequest}&redirect_uri={RedirectUri}&grant_type=authorization_code&client_secret={client_secret}

And for the admin to login in, we just add the additional scope with above request. Here are some helpful articles about this topic:

What's different about the v2.0 endpoint?

v2.0 Protocols - OpenID Connect
v2.0 Protocols - OAuth 2.0 Authorization Code Flow


Related Topics

What Are the Main Differences Between Sinatra and Ramaze

Suitability of Rails, Padrino, and Sinatra for Building a Prepaid Mobile Service

How to Check If a Variable Is an Instance of a Class

Is There Any Haskell-Land Equivalent to the Ruby-Land's Bundler Et. Al And, If Not, How Would a Project So Structured Be Contrived

Differencebetween Methods and Attributes in Ruby

Ruby: What Does the Asterisk in "P *1..10" Mean

Using Typeahead from Twitter Bootstrap in a Form (Formtastic)

Code to Generate Gaussian (Normally Distributed) Random Numbers in Ruby

Starting or Restarting Unicorn with Capistrano 3.X

How to Remove/Disable Sign Up from Devise

Homebrew Permissions Mess

Differences Between *, Self.* and @* When Referencing Associations/Attributes in Ruby/Rails Models/Controllers

How to Debug/Display Request Sent Using Restclient

Ruby Merging Two Arrays into One

Rspec Equal Method

How to Validate Associated Model Id

Context Aware Authorization Using Cancan

How to Test 'Create' Controller Actions


Leave a reply



Submit