Auth hash in new version #14
Description
I'm working on something new and have been playing with this gem before and after this 2.5.0 update
I see now the Auth hash is pretty barebones:
The omniauth-slack gem will now copy the access-token hash to the AuthHash info section, but it will no longer be mapping specific data points from the access-token to specific fields in the AuthHash info section (other than info fields that are 'required' by the OmniAuth::AuthHash schema spec).
Some misc feedback/questions:
- I think it'd be helpful to provide (at least in documentation) an implementation that fills out the simple
infofields listed here even if not required, such as email, nickname, first_name, last_name of the user. - I'm a bit confused why you're including the access token in the
infosection? Is that typical in OmniAuth (I've never worked with other providers before) but it seems surprising based on my reading of schema since there's a separate section forcredentialsandraw_infoalready. And even if you don't include the Access Token object ininfo, it's still available viarequest.env['omniauth.strategy'].access_tokenalready, right? - This is more of a general OmniAuth question, but -- is it "normal" to put extra fields into the
infosection of the Auth Hash, or is it best practice to have theinfosection only contains fields listed inschemaand to put everything else inextra?
In my case I'm trying to allow Sign in with Slack but also grabbing/storing some additional information about their team from users.list. Slightly confused regarding putting e.g. my users.list API call in the Strategy, the OmniauthCallbacksController, or User.from_omniauth. Also trying to plan for other providers besides Slack. This is what made me think it was odd to put non-standard fields in the info section of AuthHash, but I'm not sure.