Heroku Torii Provider

A Heroku OAuth2 provider for Torii, enabling authentication with Heroku in Ember.js applications.

This addon uses Torii 1.0.0+ from the adopted-ember-addons organization. Torii has moved to adopted-ember-addons to ensure continued maintenance and compatibility with modern Ember applications (Ember 3.x+ and 4.x).

Compatibility

• Ember.js v3.28 or above
• Ember CLI v3.28 or above
• Node.js v20 or above
• Torii v1.0.0 or above

Upgrading to @heroku/torii-provider-heroku 1.0.0

⚠️ Breaking Changes: Version 1.0.0 of @heroku/torii-provider-heroku upgrades to Torii v1.0.0, which removes implicit injections (deprecated in Ember 3.x and removed in Ember 4.x).

Why this change? Torii has moved to the adopted-ember-addons organization to ensure continued maintenance and compatibility with modern Ember applications. The 1.0.0 release updates torii for Ember 4.x compatibility by removing deprecated implicit injections.

When upgrading from @heroku/torii-provider-heroku 0.x to 1.0.0, you must now explicitly inject the session and torii services in your routes, controllers, and components:

import Route from '@ember/routing/route';
import AuthenticatedRouteMixin from 'torii/routing/authenticated-route-mixin';
import { service } from '@ember/service';

export default class MyAuthenticatedRoute extends Route.extend(AuthenticatedRouteMixin) {
  @service session;
  @service torii;
}

In controllers and components:

import Controller from '@ember/controller';
import { service } from '@ember/service';

export default class MyController extends Controller {
  @service session;
  @service torii;
}

Installation

pnpm add @heroku/torii-provider-heroku

Configuration

Configure Torii in your config/environment.js:

ENV['torii'] = {
  sessionServiceName: 'session',
  providers: {
    'heroku-oauth2': {
      // Add your Heroku OAuth configuration here
    }
  }
};

Usage

Include the mixin in your app/routes/application.js file

import Route from '@ember/routing/route';
import HerokuAuthable from '@heroku/torii-provider-heroku/mixins/heroku-authable';

export default class ApplicationRoute extends Route.extend(HerokuAuthable) {
  // Your route implementation
}

Redirect Authentication

By default, attempting to access a protected route as an unauthenticated user will trigger a redirect to id.heroku.com:

<LinkTo @route="some-protected-route">
  Click to visit a protected route and be redirected to Identity
</LinkTo>

Pop-up Authentication

You can also authenticate users in a pop-up window:

<button type="button" {{on "click" this.loginToHeroku}}>
  Click to authenticate in a pop-up
</button>

In your controller or component:

import Controller from '@ember/controller';
import { service } from '@ember/service';
import { action } from '@ember/object';

export default class ApplicationController extends Controller {
  @service torii;

  @action
  async loginToHeroku() {
    try {
      const authorization = await this.torii.open('heroku-oauth2');
      // Handle successful authentication
    } catch (error) {
      // Handle authentication error
    }
  }
}

Development

Running Tests

pnpm install
pnpm test

Running the Dummy App

This repo includes a dummy app to demonstrate and test how it works:

pnpm install
pnpm start

Then visit http://localhost:4200

Resources

• Torii Documentation
• Heroku OAuth Documentation

License

MIT