Create Fellowship One SSO strategy for OmniAuth

Goal: Create an OmniAuth strategy gem to authenticate a Fellowship One portal user using Fellowship One Single Sign-On web service. Background: Our database contains many accounts with Fellowship One access tokens. Each account has a unique church_code. An account has the church_code and access token & secret stored in a database record. The account will have been previously established and authorized by the account owner. Details: A guest user will enter his username and password AND church_code. Lookup account by church_code. e.g. Account.find_by(f1_church_code: ‘my_church_code') If an account with the church_code exists, pass username and password plus the access token from the account record to Fellowship One (F1). If church code key does not exist with a registered account, inform guest that "account not found." Once authenticated by Fellowship One, it will redirect back to our application. If authenticated F1 user exists in Rails app, start new user session in Rails app. If authenticated F1 user does not exist in the Rails app, but does have a valid church_code, take user to Devise's registration process. Associate user to account with church code and send and email notification to account admin that "a new user is created and pending approval." Specifications: The Rails app is preauthorized by account owner to interact with Fellowship One. The F1 church code, access token and secret are stored with each account in the Rails app. Fellowship One church code is always lowercase, no spaces or special characters. Do not submit if invalid. Account schema: f1_church_code, f1_access_token and f1_access_secret, email_address Use devise and omniauth gems. Use Base Rails application to develop project. Devise and OmniAuth are already configured. [login to view URL] ActiveAdmin interface already configured for account and user management [login to view URL] Creation of application authorization not needed from programmer. Pre-established application church code and auth tokens will be provided to accepted bidder so that testing can be performed. Fellowship One documentation: [login to view URL] [login to view URL] [login to view URL] Here is the example Fellowship One login UI: [login to view URL] OmniAuth documentation and examples: [login to view URL] [login to view URL] [login to view URL] Example OmniAuth strategies [login to view URL] [login to view URL] [login to view URL] [login to view URL] [login to view URL] [login to view URL] [login to view URL]