I have an app “Client” that allows users to authenticate through “Provider” using Doorkeeper and OAuth2. My flow is this: a user on Client clicks Login, it sends the user to log in on Provider and then returns the user as a “signed_in” user on Client.
The next step is that I need to have roles implemented on the Provider and send that information along (with the user) to the Client, where the user can then do role-based things on Client.
Is there a suggested way to do this? My theory is that I put CanCan on the Provider, do a role check when a user logs in through Provider, and send some param back to Client that establishes the role.
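
An added sketch of the flow described above (not part of the original post, and not Doorkeeper or CanCan code): Client learns the role by asking Provider with the access token rather than reading a parameter off the browser redirect, which the user can edit. The `Provider` and `Client` classes, the `me` lookup and the permission table are hypothetical in-memory stand-ins.

```ruby
require "json"
require "securerandom"

# Hypothetical stand-in for Provider: it owns the users and their roles and
# only reveals them to a caller holding a valid access token.
class Provider
  def initialize(users)
    @users  = users # user id => { email:, role: }
    @tokens = {}    # access token => user id
  end

  # Stands in for the OAuth2 login that ends with Client holding a token.
  def issue_token(user_id)
    raise ArgumentError, "unknown user" unless @users.key?(user_id)
    SecureRandom.hex(16).tap { |token| @tokens[token] = user_id }
  end

  # Stands in for a token-protected "current user" JSON endpoint.
  def me(token)
    id = @tokens[token]
    id && JSON.generate({ id: id }.merge(@users[id]))
  end
end

class Client
  PERMISSIONS = { "admin" => %w[read write], "member" => %w[read] }.freeze

  def initialize(provider)
    @provider = provider
  end

  # callback_params arrive via the browser, so a "role" in them is user input
  # and is ignored; the role is read from Provider using the access token.
  def sign_in(access_token, callback_params = {})
    body = @provider.me(access_token) or return nil
    user = JSON.parse(body)
    { "user_id" => user["id"], "role" => user["role"] }
  end

  def can?(session, action)
    PERMISSIONS.fetch(session["role"], []).include?(action)
  end
end

def demo # constructed sample user; the redirect carries a tampered role
  provider = Provider.new({ 1 => { email: "a@example.test", role: "member" } })
  client   = Client.new(provider)
  session  = client.sign_in(provider.issue_token(1), { "role" => "admin" })
  [session["role"], client.can?(session, "read"), client.can?(session, "write")]
end
```
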