This is an example repo combining Rails API with the Doorkeeper admin UI, making use of Devise for login pages, admin auth, and password flows. The Doorkeeper tokens issued are JWTs with a payload + header that looks like this:
[{"iss": "account_service",
"iat": 1527438897,
"exp": 1527440097,
"jti": "add3ef92-a512-429b-a834-3a3523866cdd",
"sub": "account_service|1",
"expires_at": "2018-05-27T16:54:57Z",
"user": {"id": 1, "email": "local@example.com"}},
{"typ": "JWT", "alg": "HS512"}]Firstly I wanted to understand what was needed for SSO/OAuth2/JWT combo to work in the modern age, secondly everything else had some shortcomings either in usability or flexibility.
https://github.com/doorkeeper-gem/doorkeeper-devise-client
- Using old versions, no JWT
https://github.com/digivizer/warden-jwt
- Uses password flow strategy
https://github.com/waiting-for-dev/warden-jwt_auth
- Is good but limits the JWT decode options
https://github.com/mbleigh/omniauth-jwt
- Expects HTTP based on redirects for flow
https://github.com/betterup/devise-doorkeeper
- No JWT support
I cobbled together examples from all the above + the JWT spec + Auth0 articles. This is not a complete application and you shouldn't just drop it into your production env! YMMV, this is for reference only.