Token based authentication with LDAP only

[ruanpetterson]

Hello everybody,

I'm trying to accomplish the following:

• Build a standalone API, which will be consumed by web client for now which runs on a separate server instance, and later possibly by Android/IOS.
• Build a standalone angular app using ng-token-auth which will consume the above API.

I'm only using Rails 5.0 API (rails new app --api), devise_token_auth and omniauth-ldap. I have not customize configuration.

When I submit a POST request into /omniauth/ldap/callback with { "username":"username", "password":"password", "provider":"ldap" } I got:

Started POST "/omniauth/ldap/callback" for ::1 at 2017-03-17 23:43:31 +0000
    ActiveRecord::SchemaMigration Load (0.1ms)  SELECT "schema_migrations".* FROM "schema_migrations"
Processing by DeviseTokenAuth::OmniauthCallbacksController#redirect_callbacks as */*
    Parameters: {"username"=>"username", "password"=>"[FILTERED]", "provider"=>"ldap", "omniauth_callback"=>{"username"=>"username", "password"=>"[FILTERED]", "provider"=>"ldap"}}
Completed 500 Internal Server Error in 1ms (ActiveRecord: 0.0ms)

NoMethodError (undefined method `[]' for nil:NilClass):
devise_token_auth (0.1.40) app/controllers/devise_token_auth/omniauth_callbacks_controller.rb:14:in `redirect_callbacks'

My config/routes.rb seems to be okay:

Rails.application.routes.draw do
  mount_devise_token_auth_for 'User', at: 'auth'
  # For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
end

And rake routes is returning normal:

$ rake routes
                  Prefix Verb     URI Pattern                            Controller#Action
        new_user_session GET      /auth/sign_in(.:format)                devise_token_auth/sessions#new
            user_session POST     /auth/sign_in(.:format)                devise_token_auth/sessions#create
    destroy_user_session DELETE   /auth/sign_out(.:format)               devise_token_auth/sessions#destroy
       new_user_password GET      /auth/password/new(.:format)           devise_token_auth/passwords#new
      edit_user_password GET      /auth/password/edit(.:format)          devise_token_auth/passwords#edit
           user_password PATCH    /auth/password(.:format)               devise_token_auth/passwords#update
                         PUT      /auth/password(.:format)               devise_token_auth/passwords#update
                         POST     /auth/password(.:format)               devise_token_auth/passwords#create
cancel_user_registration GET      /auth/cancel(.:format)                 devise_token_auth/registrations#cancel
   new_user_registration GET      /auth/sign_up(.:format)                devise_token_auth/registrations#new
  edit_user_registration GET      /auth/edit(.:format)                   devise_token_auth/registrations#edit
       user_registration PATCH    /auth(.:format)                        devise_token_auth/registrations#update
                         PUT      /auth(.:format)                        devise_token_auth/registrations#update
                         DELETE   /auth(.:format)                        devise_token_auth/registrations#destroy
                         POST     /auth(.:format)                        devise_token_auth/registrations#create
   new_user_confirmation GET      /auth/confirmation/new(.:format)       devise_token_auth/confirmations#new
       user_confirmation GET      /auth/confirmation(.:format)           devise_token_auth/confirmations#show
                         POST     /auth/confirmation(.:format)           devise_token_auth/confirmations#create
     auth_validate_token GET      /auth/validate_token(.:format)         devise_token_auth/token_validations#validate_token
            auth_failure GET      /auth/failure(.:format)                devise_token_auth/omniauth_callbacks#omniauth_failure
                         GET      /auth/:provider/callback(.:format)     devise_token_auth/omniauth_callbacks#omniauth_success
                         GET|POST /omniauth/:provider/callback(.:format) devise_token_auth/omniauth_callbacks#redirect_callbacks
        omniauth_failure GET|POST /omniauth/failure(.:format)            devise_token_auth/omniauth_callbacks#omniauth_failure
                         GET      /auth/:provider(.:format)              redirect(301)

I configured config/initializers/omniauth.rb just like omniauth wiki exemplifies:

Rails.application.config.middleware.use OmniAuth::Builder do
    provider :ldap,
        :host => 'my.server.com',
        :port => 389,
        :method => :plain,
        :base => 'dc=my, dc=server, dc=com',
        :uid => 'uid',
        :password => 'mypasswd'
end

Am I missing something? I already had the NoSessionError issue and fixed with tiagocassio's tip.

[zachfeldman]

Hi there @ruanpetterson ,

In an effort to cleanup this project and prioritize a bit, we're marking issues that haven't had any activity in a while with a "close-in-7-days" label. If we don't hear from you in about a week, we'll be closing this issue. Obviously feel free to re-open it at any time if it's the right time or this was done in error!

If you are still having the issue (especially if it's a bug report) please refer to our new Issue Template to provide some more details to help us solve it.

Hope all is well.