In BlogPost, Rails, Ruby

How To Setup an OAuth Provider in Ruby on Rails With Doorkeeper and Devise

oauth logo

In a previous post on understanding OAuth I stated I had implemented an OAuth provider in Ruby on Rails 5 along with a test client. In this post, I describe how I implemented the provider.

The client will be described in an upcoming post.

Getting started with this tutorial

As a refresher, if you recall from the previous post on OAuth, the OAuth provider is responsible for giving your client application an access token so it can access the OAuth provider’s protected resource.

I present this tutorial as a series of steps. If any step is optional, I let you know in the subheading with a marking like (Optional).

Step 1 – Configure Doorkeeper In Your Existing Rails Application

In your Rails project Gemfile, add the following line and issue a bundle install command.

Once the gem is installed, it’s time run the gem’s install task as follows:

This will install a configuration file in config/initializers/doorkeeper.rb.

Next, run a migration task to generate some database migrations for ActiveRecord. ActiveRecord is the default ORM doorkeeper is configured to run with.

Then issue a rake db:migrate command to make the changes to your database.

Step 2 – Routes

The following will be added automatically to your config/routes.rb file by doorkeeper’s installation tasks you ran in the previous step.

Step 3 – Install Devise

I’m going to cover the bare minimum you need to get up and running with Devise but you can find more configuration options over at the main GitHub page.

Add the gem to your gemfile as follows:

Run the generator task:

If you’d like, you can do the configuration that will appear in the console to setup more configuration options.

Step 4 – Install Devise User

You should see something like the following in your terminal:

Next, I install some additional fields to help with this particular demonstration:

And finally, I run the migrations:

Step 3 – Authentication

In config/initializers/doorkeeper.rb I have:

In this particular block of code, I’m using Devise’s built in helpers. I’m essentially returning the current_user if a user is signed in, otherwise, I redirect you to the root_path.

Step 4 – Protecting /oauth/applications

An easy way to do this is to use the HTTP basic authentication that Rails gives you out of the box.

In config/routes.rb:

In config/environments/development.rb

Step 5 (optional) – Send custom information along with the access token

For this, I setup a custom controller that inherits from Doorkeeper.

In config/routes.rb:

Step 6 (optional) – Skip authorization for trusted applications

In config/initializers/doorkeeper.rb

Step 7 – Setup a protected resource endpoint

In config/routes.rb:

Step 8 – Setup a root path

Next, we’ll setup a default root path in our config/routes.rb file. If you don’t, you’ll see an error like the below in your console.

In config/routes.rb, add:

Next, create a StaticController:

Finally, create a view in app/views/static/index.html.haml


If you’ve made it this far, you have now setup an OAuth provider. In an upcoming post, I talk about how to implement a test client application so you can see everything in action.

Recent Posts
vim logoserver