If your institution uses Google as your Single Sign-On provider for READynamic, your users will be able to log on to READynamic with their Gmail accounts.
To configure OAuth2 to work with Google, start by going to the Google Developer’s site. Visit:
A Google Sign-on window appears. Log on to this developer dashboard. Any Gmail address will work, though you would probably want to use an address intended as an administrator account for your institution.
The Dashboard appears for Google APIs.
First, enable the Google+ API.
Click on the top of the screen.
From the search field that appears, also at the top of the screen, type Google+ API. You don’t need to press ENTER. The option for the Google+ API appears.
Click the picture, and then click to enable the API.
On the upper left side of the window, click Credentials.
Click . A drop down list appears.
Select OAuth Client ID.
Select Web application.
Enter a name for the new Client.
Provide a web address for the “Authorized redirect URIs” field. After Google authorizes a client for access, Google will direct the client back to this address for log on requests to READynamic. For READynamic, this is usually based on the URL for your customer portal. Your address should look something like this:
Google will show a result message for your new OAuth client:
A window appears where you can copy or edit values.
Google will automatically assign your new OAuth2 client a set of keys, a Client ID and a Client secret. See the example below.
The Client ID is used with the customer’s OAuth2 service provider to identify the software product or service in use.
The Client security key used to identify the OAuth2 consumer with the customer’s service provider. The Single Sign-On service provider will provide this code.
You will need to copy these values and add them to the omniauth_overrides.YML configuration file included with your READynamic installation package.
Edit the parameter settings in the omniauth_overrides.YML configuration file.
Look for the settings for Google OAuth2 strategy:
# Google OAuth2 strategy, uses the google_oauth2 gem google_oauth2: client_id: secret: redirect_uri:
Copy the Client ID and client secret from your Google OAuth client and add them to these parameters in this YML file.
You also need to provide a web address for the redirect_uri value. This is the same web address you added to the “Authorized redirect URIs” field on the Create OAuth Client ID screen from the Google Console Developer’s Screen. Google will direct the client back to this address for log on requests to READynamic. For READynamic, this is usually based on the URL for your customer portal.
Your result should look something like this:
# Google OAuth2 strategy, uses the google_oauth2 gem google_oauth2: client_id: 949077472828-hqoh5jova51dxrer7grm7k74b2c6jg18.apps.googleusercontent.com secret: 9CI-IkI_qZotHflIaGoq-Bmm redirect_uri: http://boxcollege.readynamic.com/auth/google_oauth2/callback
You also need to edit two settings in the server_configuration_overrides.YML configuration file, enabled and redirect. Look for the content related to OmniAuth:
# if enabled, omniauth initializer loads "config/omniauth.yml" # and makes configured omniauth strategies available via OMNIAUTH_CONFIG omniauth: enabled: true # true, if 'providers' route is supported. # This route shows all the omniauth providers configured in omniauth.yml. # Currently it is only enabled in ATB Pro providers: false # if login_strategy is enabled, portal's home will be redirected to "redirect" path login_strategy: enabled: true redirect: /auth/google_oauth2
Make sure that Omniauth is enabled, and that a redirect path name is provided, like this:
enabled: true redirect: /auth/google_oauth2