This repo is out of date and is archived. Check out an updated tutorial on using FusionAuth with Ruby on Rails or the updated GitHub repository.
This project contains the companion code for How to securely implement OAuth in Ruby on Rails. It demonstrates how to integrate with FusionAuth's OAuth system using the Authorization Code grant.
-
Ruby version 2.7
-
Rails version 6
This assumes you already have a running FusionAuth instance, user and application running locally. If you don't, please see the 5-Minute Setup Guide to do so.
-
For further specific configuration details, see How to securely implement OAuth in Ruby on Rails.
-
Create a new FusionAuth application
-
Add a redirect url of http://localhost:3000/oauth2-callback
-
Make sure you add http://localhost:3000/endsession as the logout URL
-
Save the application
-
Get the client id and client secret and update config/environments/development.rb
-
Update the tenant's issuer by going to "Tenants" and editing your tenant. Go to the "General" tab and change the "Issuer" to be
fusionauth.io. Save the tenant. -
Register the user for the application
-
Install dependencies
bundle install
- Get the HMAC secret used to sign the JWTs by going to Key Master in FusionAuth. Set the HMAC_SECRET environment variable to this value.
- Start the server:
HMAC_SECRET='2l...' rails s - Visit localhost:3000 and log in.