-
Notifications
You must be signed in to change notification settings - Fork 301
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[OAuth 2.0] OpenID Connect supported? #433
Comments
Hi @john-goldsmith thanks for the info. This gem doesn't have an authentication setup logic, we recommend users handle it on a per-app basis as needed, ala the docs: So in theory, yes, you can specify your own From what you're saying you can pass the same access token / secret to the gem and it works? If so thats good to know and it sounds like its a documentation issue that we should mention. Or perhaps I am misunderstanding what you're saying. Thanks again. |
According to the docs, {
"sub": "1182d6ec-2a1f-4aa3-af3f-bb3b95db45af", // QuickBooks GUID
"aud": [
"L3Y7SV6rRxVvArdYzlRxjPXo0b6ItrX4qFhopPXQ6aaEWgKyCa"
],
"realmid": "123145880168382", // aka, company ID
"auth_time": 1464330769,
"iss": "https://oauth.platform.intuit.com/op/v1",
"exp": 1464335838,
"iat": 1464332238
} Using the OAuth token (not the JWT), additional user data can be obtained by making a {
"sub": "1182d6ec-2a1f-4aa3-af3f-bb3b95db45af", // QuickBooks GUID
"email": "[email protected]",
"emailVerified": true,
"givenName": "John",
"familyName": "Doe",
"phoneNumber": "+1 6305555555",
"phoneNumberVerified": false,
"address": { // other useful profile info
"streetAddress": "2007 saint julien ct",
"locality": "mountain view",
"region": "CA",
"postalCode": "94043",
"country": "US"
}
} So, back to my original question, since your gem manages the OAuth token which is needed for the additional profile data, it seems like wrapping the OpenID functionality could also be in scope. Then again, there are a bazillion OpenID gems so maybe they already provide this functionality...? Off the cuff: user_info = Quickbooks::Identity::OpenIDConnect.get_user_info(access_token, opts)
user_info.email # => [email protected] FWIW and to be perfectly honest, I'm not exactly sure if OAuth and OpenID are competing or complimentary concepts, so it's possible I'm doing duplicate effort. 😅 |
Thank you John Goldsmith! Just a upvote here to ask that you please incorporate the setup stuff into the gem. I was able to get started pretty quickly using minimul's QboApi, but it also lacks facility for signon with intuit (which appears pretty important if you actually want people to use your app), revoking credentials (required by Intuit to publish) or getting email addresses of the user, which is pretty much essential if you use intuit single signon. I think newbies will spend hours trying to figure out oauth and then when you want to get set up to connect to their app store you have a whole new bunch of problems, and the documentation is missing or confusing if you are rails developer. |
Hi,
I'm working off the 389-oauth2 branch (which works great btw, thanks!) and was curious if this gem also supports Intuit's OpenID Connect implementation (
scope: "openid"
)? The following snippet works for me, but I wasn't sure if it was already baked in somewhere, or perhaps another gem that provides something similar. Thanks!References
The text was updated successfully, but these errors were encountered: