OmniAuth Shibboleth strategy configuration not passed through

Question

I'm trying to make use of omniauth-shibboleth strategy (with rack-saml).

My omniauth initializer looks like this:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :shibboleth, {
    :info_fields => {
      :email => 'mail',
    },
    :extra_fields => [:cn, :sn, :schacHomeOrganization],
  }
end

Everything is successful up to the point where omniauth-shibboleth should set up omniauth.auth ENV variable, but this ends up partial.

Namely - it does detect eduPersonPrincipalName and passes it to uid filed correctly - I can see it.

But it fails to fill in email, and the extra parameters cn, sn, schacHomeOrganization.

I have verified that the request.env does contain all of the required attributes, so the problem is not at Shibboleth side.

For debugging, I hardcoded the options in Gem file lib/omniauth/strategies/shibboleth.rb:

  option :info_fields, {:email => 'mail'}
  option :extra_fields, [:cn, :sn, :schacHomeOrganization]

Then everything works.

So, there seems to be problem either with my Omniauth setup or with the way omniauth-shibboleth handles the options, so that my configuration does not end up merged with default values.

What am I doing wrong?

Versions:

omniauth - 1.1.1
omniauth-shibboleth - 1.0.8
rack-saml - 0.0.4

pow - 0.4.0

Answer 1

It turned out that Devise handles Omniauth initialization itself and while I could use config/initializers/omniauth.rb to toggle :debug => true, Devise overrode any other options I had set.

So the correct place to configure Omniauth strategies while using Devise is in config/initializers/devise.rb:

config.omniauth :shibboleth, {:uid_field => 'eppn',
                     :info_fields => {:email => 'mail', :name => 'cn', :last_name => 'sn'},
                     :extra_fields => [:schacHomeOrganization]
              }

Previously I thought that that line only hints Devise which strategy is the default.