This is the unofficial OmniAuth strategy for authenticating via OAuth2 to ESIA (GosUslugi). Read more here
Built using omniauth-oauth2.
Add this line to your application's Gemfile:
gem 'omniauth-esia'And then execute:
$ bundle
Or install it yourself as:
$ gem install omniauth-esia
OmniAuth::Strategies::Esia is simply a Rack middleware.
In Your Rails application:
# Gemfile
gem 'omniauth-esia'# config/initializers/omniauth.rb
Rails.application.config.middleware.use OmniAuth::Builder do
provider :esia, ENV['ESIA_ID'],
scope: 'fullname email',
key_passphrase: 'password',
key_path: "#{Rails.root}/config/keys/private.key",
crt_path: "#{Rails.root}/config/keys/certificate.crt"
endor in Your Rails application with Devise. See full instruction here
# config/initializers/devise.rb
Devise.setup do |config|
config.omniauth :esia, ENV['ESIA_ID'],
scope: 'fullname email',
key_passphrase: 'password',
key_path: "#{Rails.root}/config/keys/private.key",
crt_path: "#{Rails.root}/config/keys/certificate.crt"
endRead the ESIA docs for more details
You can configure several options, which you pass in to the provider method via a Hash:
client_id: ESIA identifierscope: a space-separated list of access permissions you want to request from the user. Example'fullname gender email'key_path: path to private key. Default toconfig/keys/private.keycrt_path: path to certificate. Default toconfig/keys/certificate.crtclient_options: path to certificate. Default tohttps://esia.gosuslugi.ru. For ESIA's test environment set tohttps://esia-portal1.test.gosuslugi.ru
client_options: {
site: 'https://esia-portal1.test.gosuslugi.ru',
authorize_url: '/aas/oauth2/ac',
token_url: '/aas/oauth2/te'
}v 0.2.3 - adds key_passphrase option v 0.2.1 - corrects email fetching v 0.2.0 - corrects namespacing v 0.1.0 - first release
Bug reports and pull requests are welcome on GitHub at https://github.com/elsant/omniauth-esia.
The gem is available as open source under the terms of the MIT License.