omniauth-heroku 0.2.0 → 0.3.0

checksums.yaml CHANGED
@@ -1,15 +1,7 @@
1
1
  ---
2
- !binary "U0hBMQ==":
3
- metadata.gz: !binary |-
4
- NzQ0NTZiYTZlYTcxNDc0MzYzNDBmM2Y0NmM4M2Q1OTYwYWM2ZjM4NQ==
5
- data.tar.gz: !binary |-
6
- YmNiZTI4ZTkzZGMyMTI3YTIxMmE2MTJlNWIxMDZhOGRlY2MyOGY3MQ==
2
+ SHA1:
3
+ metadata.gz: 964daffc75b3ca8125e9cd80e31d0e96ffa1cb46
4
+ data.tar.gz: a317e2dea50412a8fd74540561eb5b3a7172403c
7
5
  SHA512:
8
- metadata.gz: !binary |-
9
- NWFhMDBmNDQwZDZmOTgzNTY2OTIwZjdhNmU5NWYxN2ZiN2YyZDliM2MyMWMx
10
- Zjg1NzE2ZTI2OGIzZDE0OTRmODQwZTRkMjZmODg3MWRjZTY0YTAyN2UyNzQx
11
- Zjg0YTQ0Njg4MzJmYjJmNGJmYjdiMDg3ZTk5NTc3YjdkMTgxMmQ=
12
- data.tar.gz: !binary |-
13
- NTJhOTBjOTE5ZGQxYjhkMzM4Y2FhNDJiOTgwYzQ3OTIzMTU5MzBhYzk5Y2Q2
14
- YzVkNDJiNGI0MzVmOWJhY2Q0ZmIwOGMwMGU0MmJmY2FhMjdjOTA5YTNlN2Rm
15
- NGFiZjk5MDg3OTRmYTNlZDc2OThkMjQzYTFiNDJhYThlODViNDE=
6
+ metadata.gz: fd660369c9518967643d91bc036445fd66c098d8ddf8737c46dae4413a829991d66287989a7c04f8fd24d8753ddc817d7a4fbd958141f6df4b7a9d5b529b2d9a
7
+ data.tar.gz: 4d6ba13e6ce6a42bc57514623c7c3d5149665b0ff915c1dd046e11b9704216ef01a0128b2dfb40846b21b72bbf3ac522841d114eb70694e699c381fed66485ab
data/README.md CHANGED
@@ -1,12 +1,20 @@
1
1
  # OmniAuth Heroku
2
2
 
3
- [OmniAuth](https://github.com/intridea/omniauth) strategy for authenticating Heroku users.
4
-
5
3
  [![Build Status](https://travis-ci.org/heroku/omniauth-heroku.svg?branch=master)](https://travis-ci.org/heroku/omniauth-heroku)
6
4
 
7
- Mount this with your Rack application (be it Rails or Sinatra) to simplify the [OAuth flow with Heroku](https://devcenter.heroku.com/articles/oauth).
8
5
 
9
- This is intended for apps already using OmniAuth, for apps that authenticate against more than one service (eg: Heroku and GitHub), or apps that have specific needs on session management. If your app doesn't fall in any of these you should consider using [Heroku Bouncer](https://github.com/heroku/heroku-bouncer) instead.
6
+ [OmniAuth](https://github.com/intridea/omniauth) strategy for authenticating
7
+ Heroku users.
8
+
9
+ Mount this with your Rack application (be it Rails or Sinatra) to simplify the
10
+ [OAuth flow with Heroku](https://devcenter.heroku.com/articles/oauth).
11
+
12
+ This is intended for apps already using OmniAuth, for apps that authenticate
13
+ against more than one service (eg: Heroku and GitHub), or apps that have
14
+ specific needs on session management. If your app doesn't fall in any of these
15
+ you should consider using [Heroku Bouncer][heroku-bouncer] instead.
16
+
17
+ [heroku-bouncer]: https://github.com/heroku/heroku-bouncer
10
18
 
11
19
 
12
20
  ## Configuration
@@ -15,67 +23,96 @@ OmniAuth works as a Rack middleware. Mount this Heroku adapter with:
15
23
 
16
24
  ```ruby
17
25
  use OmniAuth::Builder do
18
- provider :heroku, ENV['HEROKU_OAUTH_ID'], ENV['HEROKU_OAUTH_SECRET']
26
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET")
19
27
  end
20
28
  ```
21
29
 
22
- Obtain a `HEROKU_OAUTH_ID` and `HEROKU_OAUTH_SECRET` by creating a client with the [Heroku OAuth CLI plugin](https://github.com/heroku/heroku-oauth).
30
+ Obtain a `HEROKU_OAUTH_ID` and `HEROKU_OAUTH_SECRET` by creating a client with
31
+ the [Heroku OAuth CLI plugin](https://github.com/heroku/heroku-oauth).
23
32
 
24
- Your Heroku OAuth client should be set to receive callbacks on `/auth/heroku/callback`.
33
+ Your Heroku OAuth client should be set to receive callbacks on
34
+ `/auth/heroku/callback`.
25
35
 
26
36
 
27
37
  ## Usage
28
38
 
29
39
  Initiate the OAuth flow sending users to `/auth/heroku`.
30
40
 
31
- Once the authorization flow is complete and the user is bounced back to your application, check `env["omniauth.auth"]["credentials"]`. It contains both a refresh token and an access token (identified just as `"token"`) to the account.
41
+ Once the authorization flow is complete and the user is bounced back to your
42
+ application, check `env["omniauth.auth"]["credentials"]`. It contains both a
43
+ refresh token and an access token (identified just as `"token"`) to the
44
+ account.
45
+
46
+ We recommend using this access token together with
47
+ [Heroku.rb][heroku-ruby-client] to make API calls on behalf of the user.
32
48
 
33
- We recommend using this access token together with [Heroku.rb](https://github.com/heroku/heroku.rb) to make API calls on behalf of the user.
49
+ [heroku-ruby-client]: https://github.com/heroku/heroku.rb
34
50
 
35
51
  Refer to the examples below to see how these work.
36
52
 
37
53
 
38
54
  ### Basic account information
39
55
 
40
- If you want this middleware to fetch additional Heroku account information like the user email address and name, use the `fetch_info` option, like:
56
+ If you want this middleware to fetch additional Heroku account information like
57
+ the user email address and name, use the `fetch_info` option, like:
41
58
 
42
59
  ```ruby
43
60
  use OmniAuth::Builder do
44
- provider :heroku, ENV['HEROKU_OAUTH_ID'], ENV['HEROKU_OAUTH_SECRET'],
61
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET"),
45
62
  fetch_info: true
46
63
  end
47
64
  ```
48
65
 
49
- This sets name and email in the [omniauth auth hash](https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema). You can access it from your app via `env["omniauth.auth"]["info"]`.
66
+ This sets name and email in the [omniauth auth hash][auth-hash]. You can access
67
+ it from your app via `env["omniauth.auth"]["info"]`.
50
68
 
51
- It will also add [additional Heroku account info](https://devcenter.heroku.com/articles/platform-api-reference#account) to `env["omniauth.auth"]["extra"]`.
69
+ [auth-hash]: https://github.com/intridea/omniauth/wiki/Auth-Hash-Schema
70
+
71
+ It will also add [additional Heroku account info][platform-api] to
72
+ `env["omniauth.auth"]["extra"]`.
73
+
74
+ [platform-api]: https://devcenter.heroku.com/articles/platform-api-reference#account
52
75
 
53
76
  ### OAuth scopes
54
77
 
55
- [Heroku supports different OAuth scopes](https://devcenter.heroku.com/articles/oauth#scopes). By default this strategy will request global access to the account, but you're encouraged to request for less permissions when possible.
78
+ [Heroku supports different OAuth scopes][oauth-scopes]. By default this
79
+ strategy will request global access to the account, but you're encouraged to
80
+ request for less permissions when possible.
81
+
82
+ [oauth-scopes]: https://devcenter.heroku.com/articles/oauth#scopes
56
83
 
57
84
  To do so, configure it like:
58
85
 
59
86
  ```ruby
60
87
  use OmniAuth::Builder do
61
- provider :heroku, ENV['HEROKU_OAUTH_ID'], ENV['HEROKU_OAUTH_SECRET'],
88
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET"),
62
89
  scope: "identity"
63
90
  end
64
91
  ```
65
92
 
66
- This will trim down the permissions associated to the access token given back to you.
93
+ This will trim down the permissions associated to the access token given back
94
+ to you.
95
+
96
+ The Oauth scope can also be decided dynamically at runtime. For example, you
97
+ could use a `scope` GET parameter if it exists, and revert to a default `scope`
98
+ if it does not:
99
+
100
+ ```ruby
101
+ use OmniAuth::Builder do
102
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET"),
103
+ scope: ->(request) { request.params["scope"] || "identity" }
104
+ end
105
+ ```
67
106
 
68
107
 
69
108
  ## Example - Sinatra
70
109
 
71
110
  ```ruby
72
111
  class Myapp < Sinatra::Application
73
- configure do
74
- enable :sessions
75
- end
112
+ use Rack::Session::Cookie, secret: ENV.fetch("SESSION_SECRET")
76
113
 
77
114
  use OmniAuth::Builder do
78
- provider :heroku, ENV["HEROKU_OAUTH_ID"], ENV["HEROKU_OAUTH_SECRET"]
115
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET")
79
116
  end
80
117
 
81
118
  get "/" do
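Review bot: The dynamic-scope example at new README lines 96-105 passes `request.params["scope"]` straight through as the requested OAuth scope, so whoever builds the link to `/auth/heroku?scope=...` decides what the app asks the user to grant, including broader access than the `"identity"` fallback. Suggest the example compare the parameter against a fixed list of scopes the app is prepared to handle and use `"identity"` for anything else, and that the paragraph introducing it say the parameter is untrusted input.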
@@ -83,20 +120,28 @@ class Myapp < Sinatra::Application
83
120
  end
84
121
 
85
122
  get "/auth/heroku/callback" do
86
- access_token = env['omniauth.auth']['credentials']['token']
123
+ access_token = env["omniauth.auth"]["credentials"]["token"]
124
+ # DO NOT store this token in an unencrypted cookie session
125
+ # Please read "A note on security" below!
87
126
  heroku_api = Heroku::API.new(api_key: access_token)
88
127
  "You have #{heroku_api.get_apps.body.size} apps"
89
128
  end
90
129
  end
91
130
  ```
92
131
 
132
+ Note that we're explicitly calling `Rack::Session::Cookie` with a secret. Using
133
+ `enable :sessions` is not recommended because the secret is generated randomly,
134
+ and not reused across processes – so your users can lose their session whenever
135
+ your app restarts.
136
+
137
+
93
138
  ## Example - Rails
94
139
 
95
140
  Under `config/initializers/omniauth.rb`:
96
141
 
97
142
  ```ruby
98
143
  Rails.application.config.middleware.use OmniAuth::Builder do
99
- provider :heroku, ENV['HEROKU_OAUTH_ID'], ENV['HEROKU_OAUTH_SECRET']
144
+ provider :heroku, ENV.fetch("HEROKU_OAUTH_ID"), ENV.fetch("HEROKU_OAUTH_SECRET")
100
145
  end
101
146
  ```
102
147
 
@@ -119,6 +164,8 @@ class SessionsController < ApplicationController
119
164
 
120
165
  def create
121
166
  access_token = request.env['omniauth.auth']['credentials']['token']
167
+ # DO NOT store this token in an unencrypted cookie session
168
+ # Please read "A note on security" below!
122
169
  heroku_api = Heroku::API.new(api_key: access_token)
123
170
  @apps = heroku_api.get_apps.body
124
171
  end
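Review bot: The two comment lines added in `def create` tell the reader not to store the token in an unencrypted cookie session but do not say where it should go instead; a short hint in the comment (keep it server-side, or in an encrypted session) would make the warning actionable without scrolling to the security section. As a style point, the unchanged line above still uses single quotes in `request.env['omniauth.auth']['credentials']['token']` while the Sinatra callback was converted to double quotes in this release; convert this one too so the examples match.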
@@ -139,11 +186,16 @@ And view:
139
186
 
140
187
  ## A note on security
141
188
 
142
- Be careful if you intend to store access tokens in cookie-based sessions.
189
+ **Make sure your cookie session is encrypted before storing sensitive
190
+ information on it, like access tokens**. [encrypted_cookie][encrypted-cookie]
191
+ is a popular gem to do that in Ruby.
143
192
 
144
- Many web frameworks offer protection against session tampering, but still store sessions with no encryption. This allows attackers with some access to the user session to obtain valuable information from cookies.
193
+ [encrypted-cookie]: https://github.com/cvonkleist/encrypted_cookie
145
194
 
146
- Rails, Sinatra and others can be configured to encrypt cookies, but don't do it by default. So make sure to encrypt cookie-based sessions before storing confidential data on it!
195
+ Both Rails and Sinatra take a cookie secret, but that is only used to protect
196
+ against tampering; any information stored on standard cookie sessions can
197
+ easily be read from the client side, which can be further exploited to leak
198
+ credentials off your app.
147
199
 
148
200
 
149
201
  ## Meta
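Review bot: The rewritten paragraph at new lines 195-198 says a cookie secret only protects against tampering, yet the Sinatra example earlier in this README now configures `Rack::Session::Cookie` with nothing but `secret:`, which by this paragraph's own description leaves the session contents readable on the client. Suggest either showing the encrypted_cookie setup in that example or stating here that the example's session is signed but not encrypted, so readers do not copy it and then put the access token in it.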
@@ -56,6 +56,15 @@ module OmniAuth
56
56
  end
57
57
  end
58
58
 
59
+ def authorize_params
60
+ super.tap do |params|
61
+ # Allow the scope to be determined dynamically based on the request.
62
+ if params.scope.respond_to?(:call)
63
+ params.scope = params.scope.call(request)
64
+ end
65
+ end
66
+ end
67
+
59
68
  def account_info
60
69
  @account_info ||= MultiJson.decode(heroku_api.get("/account").body)
61
70
  end
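Review bot: In `authorize_params`, the value returned by `params.scope.call(request)` is assigned to `params.scope` with no check, so a callable that returns `nil`, an empty string or a non-string ends up as the scope sent for authorization. Suggest falling back to the configured default when the result is blank, extending the comment to say the callable receives the Rack request and must return a scope string, and adding a spec that covers both the callable and the plain-string case.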
metadata CHANGED
@@ -1,41 +1,41 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: omniauth-heroku
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Pedro Belo
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2014-11-05 00:00:00.000000000 Z
11
+ date: 2016-06-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: omniauth
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ~>
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
19
  version: '1.2'
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ~>
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
26
  version: '1.2'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: omniauth-oauth2
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - ~>
31
+ - - "~>"
32
32
  - !ruby/object:Gem::Version
33
33
  version: '1.2'
34
34
  type: :runtime
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - ~>
38
+ - - "~>"
39
39
  - !ruby/object:Gem::Version
40
40
  version: '1.2'
41
41
  description: OmniAuth strategy for Heroku.
@@ -45,18 +45,10 @@ executables: []
45
45
  extensions: []
46
46
  extra_rdoc_files: []
47
47
  files:
48
- - .gitignore
49
- - .rspec
50
- - .travis.yml
51
- - Gemfile
52
48
  - LICENSE
53
49
  - README.md
54
- - Rakefile
55
50
  - lib/omniauth-heroku.rb
56
51
  - lib/omniauth/strategies/heroku.rb
57
- - omniauth-heroku.gemspec
58
- - spec/omniauth_heroku_spec.rb
59
- - spec/spec_helper.rb
60
52
  homepage: https://github.com/heroku/omniauth-heroku
61
53
  licenses:
62
54
  - MIT
@@ -67,17 +59,17 @@ require_paths:
67
59
  - lib
68
60
  required_ruby_version: !ruby/object:Gem::Requirement
69
61
  requirements:
70
- - - ! '>='
62
+ - - ">="
71
63
  - !ruby/object:Gem::Version
72
64
  version: '0'
73
65
  required_rubygems_version: !ruby/object:Gem::Requirement
74
66
  requirements:
75
- - - ! '>='
67
+ - - ">="
76
68
  - !ruby/object:Gem::Version
77
69
  version: '0'
78
70
  requirements: []
79
71
  rubyforge_project:
80
- rubygems_version: 2.2.2
72
+ rubygems_version: 2.6.4
81
73
  signing_key:
82
74
  specification_version: 4
83
75
  summary: OmniAuth strategy for Heroku.
data/.gitignore DELETED
@@ -1,17 +0,0 @@
1
- *.gem
2
- *.rbc
3
- .bundle
4
- .config
5
- .yardoc
6
- Gemfile.lock
7
- InstalledFiles
8
- _yardoc
9
- coverage
10
- doc/
11
- lib/bundler/man
12
- /pkg
13
- rdoc
14
- spec/reports
15
- test/tmp
16
- test/version_tmp
17
- tmp
data/.rspec DELETED
@@ -1 +0,0 @@
1
- --colour
data/.travis.yml DELETED
@@ -1,14 +0,0 @@
1
- language: ruby
2
- rvm:
3
- - 2.1.4
4
- - 2.0.0
5
- - 1.9.3
6
- cache: bundler
7
- notifications:
8
- hipchat:
9
- rooms:
10
- - 5bc7785d2feb4f25901124279daede@API
11
- template:
12
- - '%{repository}#%{build_number} (%{branch} - %{commit} : %{author}): %{message} (<a href="%{build_url}">Details</a> | <a href="%{compare_url}">Change view</a>)'
13
- format: html
14
- script: bundle exec rake
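Review bot: The `notifications.hipchat.rooms` entry in this file is a plaintext room token, and it shipped inside the published 0.2.0 package, so leaving `.travis.yml` out of 0.3.0 does not retract it. Suggest rotating that token and, wherever the file still lives in the repository, keeping the value in encrypted form rather than in cleartext.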
data/Gemfile DELETED
@@ -1,12 +0,0 @@
1
- source "https://www.rubygems.org"
2
-
3
- gemspec
4
-
5
- group :test do
6
- gem "multi_json"
7
- gem "rake"
8
- gem "rack-test"
9
- gem "rspec"
10
- gem "sinatra"
11
- gem "webmock"
12
- end
data/Rakefile DELETED
@@ -1,10 +0,0 @@
1
- #!/usr/bin/env rake
2
- require "bundler/gem_tasks"
3
- require "rspec/core/rake_task"
4
-
5
- task default: :spec
6
-
7
- desc "Run the specs"
8
- RSpec::Core::RakeTask.new do |t|
9
- t.pattern = "spec/**/*_spec.rb"
10
- end
@@ -1,17 +0,0 @@
1
- Gem::Specification.new do |gem|
2
- gem.authors = ["Pedro Belo"]
3
- gem.email = ["pedro@heroku.com"]
4
- gem.description = %q{OmniAuth strategy for Heroku.}
5
- gem.summary = %q{OmniAuth strategy for Heroku.}
6
- gem.homepage = "https://github.com/heroku/omniauth-heroku"
7
- gem.license = "MIT"
8
-
9
- gem.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
10
- gem.files = `git ls-files`.split("\n")
11
- gem.name = "omniauth-heroku"
12
- gem.require_paths = ["lib"]
13
- gem.version = "0.2.0"
14
-
15
- gem.add_dependency 'omniauth', '~> 1.2'
16
- gem.add_dependency 'omniauth-oauth2', '~> 1.2'
17
- end
@@ -1,89 +0,0 @@
1
- require "spec_helper"
2
-
3
- describe OmniAuth::Strategies::Heroku do
4
- before do
5
- @token = "6e441b93-4c6d-4613-abed-b9976e7cff6c"
6
- @user_id = "ddc4beff-f08f-4856-99d2-ba5ac63c3eb9"
7
-
8
- # stub the API call made by the strategy to start the oauth dance
9
- stub_request(:post, "https://id.heroku.com/oauth/token").
10
- to_return(
11
- headers: { "Content-Type" => "application/json" },
12
- body: MultiJson.encode(
13
- access_token: @token,
14
- expires_in: 3600,
15
- user_id: @user_id))
16
- end
17
-
18
- it "redirects to start the OAuth flow" do
19
- get "/auth/heroku"
20
- assert_equal 302, last_response.status
21
- redirect = URI.parse(last_response.headers["Location"])
22
- redirect_params = CGI::parse(redirect.query)
23
- assert_equal "https", redirect.scheme
24
- assert_equal "id.heroku.com", redirect.host
25
- assert_equal [ENV["HEROKU_OAUTH_ID"]], redirect_params["client_id"]
26
- assert_equal ["code"], redirect_params["response_type"]
27
- assert_equal ["http://example.org/auth/heroku/callback"],
28
- redirect_params["redirect_uri"]
29
- end
30
-
31
- it "receives the callback" do
32
- # trigger the callback setting the state as a param and in the session
33
- state = SecureRandom.hex(8)
34
- get "/auth/heroku/callback", { "state" => state },
35
- { "rack.session" => { "omniauth.state" => state }}
36
- assert_equal 200, last_response.status
37
-
38
- omniauth_env = MultiJson.decode(last_response.body)
39
- assert_equal "heroku", omniauth_env["provider"]
40
- assert_equal @user_id, omniauth_env["uid"]
41
- assert_equal "Heroku user", omniauth_env["info"]["name"]
42
- end
43
-
44
- it "fetches additional info when requested" do
45
- # change the app being tested:
46
- @app = make_app(fetch_info: true)
47
-
48
- # stub the API call to heroku
49
- account_info = {
50
- "email" => "john@example.org",
51
- "name" => "John"
52
- }
53
- stub_request(:get, "https://api.heroku.com/account").
54
- with(headers: { "Authorization" => "Bearer #{@token}" }).
55
- to_return(body: MultiJson.encode(account_info))
56
-
57
- # hit the OAuth callback
58
- state = SecureRandom.hex(8)
59
- get "/auth/heroku/callback", { "state" => state },
60
- { "rack.session" => { "omniauth.state" => state }}
61
- assert_equal 200, last_response.status
62
-
63
- # now make sure there's additional info in the omniauth env
64
- omniauth_env = MultiJson.decode(last_response.body)
65
- assert_equal "heroku", omniauth_env["provider"]
66
- assert_equal @user_id, omniauth_env["uid"]
67
- assert_equal "john@example.org", omniauth_env["info"]["email"]
68
- assert_equal "John", omniauth_env["info"]["name"]
69
- assert_equal account_info, omniauth_env["extra"]
70
- end
71
-
72
- describe "error handling" do
73
- it "renders an error when client_id is not informed" do
74
- @app = make_app(client_id: nil)
75
- get "/auth/heroku"
76
- assert_equal 302, last_response.status
77
- redirect = URI.parse(last_response.headers["Location"])
78
- assert_equal "/auth/failure", redirect.path
79
- end
80
-
81
- it "renders an error when client_secret is not informed" do
82
- @app = make_app(client_secret: "") # should also handle empty strings
83
- get "/auth/heroku"
84
- assert_equal 302, last_response.status
85
- redirect = URI.parse(last_response.headers["Location"])
86
- assert_equal "/auth/failure", redirect.path
87
- end
88
- end
89
- end
data/spec/spec_helper.rb DELETED
@@ -1,56 +0,0 @@
1
- ENV["SESSION_SECRET"] = "abcdefghjij"
2
- ENV["HEROKU_OAUTH_ID"] = "12345"
3
- ENV["HEROKU_OAUTH_SECRET"] = "klmnopqrstu"
4
-
5
- require "rubygems"
6
- require "bundler"
7
- Bundler.setup(:default, :test)
8
- require "omniauth/strategies/heroku"
9
-
10
- require "cgi"
11
- require "rspec"
12
- require "rack/test"
13
- require "sinatra"
14
- require "webmock/rspec"
15
-
16
- Dir["./spec/support/*.rb"].each { |f| require f }
17
-
18
- WebMock.disable_net_connect!
19
-
20
- OmniAuth.config.logger = Logger.new(StringIO.new)
21
-
22
- RSpec.configure do |config|
23
- config.include Rack::Test::Methods
24
- config.expect_with :minitest
25
-
26
- def app
27
- @app || make_app
28
- end
29
-
30
- def make_app(omniauth_heroku_options={})
31
- client_id = ENV["HEROKU_OAUTH_ID"]
32
- client_secret = ENV["HEROKU_OAUTH_SECRET"]
33
- if omniauth_heroku_options.has_key?(:client_id)
34
- client_id = omniauth_heroku_options.delete(:client_id)
35
- end
36
- if omniauth_heroku_options.has_key?(:client_secret)
37
- client_secret = omniauth_heroku_options.delete(:client_secret)
38
- end
39
-
40
- Sinatra.new do
41
- configure do
42
- enable :sessions
43
- set :show_exceptions, false
44
- set :session_secret, ENV["SESSION_SECRET"]
45
- end
46
-
47
- use OmniAuth::Builder do
48
- provider :heroku, client_id, client_secret, omniauth_heroku_options
49
- end
50
-
51
- get "/auth/heroku/callback" do
52
- MultiJson.encode(env['omniauth.auth'])
53
- end
54
- end
55
- end
56
- end