omniauth-google-oauth2 0.5.3 → 0.5.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b272ef7383811111988e246c36713b9cb05808ee
-  data.tar.gz: bcfc5288908b05a8b6b12694e1a5fffb423f3a25
+  metadata.gz: 2a7656373110c92e06996caa456eea2a5dd429b6
+  data.tar.gz: 54fa84ae8d29ab08e9387e79a7dde7796b4f5ddf
 SHA512:
-  metadata.gz: 20e8acd4f1a5936771232d7eb36f45bd94c652f2732827235d0c14e0d0cfd57db34a6fd0f9205838eecb922e8ca4a429c84fc5f21af971b119bc467a3de76313
-  data.tar.gz: 906640488bc922b90bb224027c2f748e40bd6ae5554ed49a5e63210bbdfeeda17d3e058e21e89ab4a0442468fcebb883afcdf29486b734b6be49003fba085928
+  metadata.gz: d8c0b4beb4561a205866bbb36ef4fe5b438d95e07cf8832f1e657e48f04657e98d99c28bf69ad3f53b564c47017435cc8d38a7c9eb48700a0b07a642a6012624
+  data.tar.gz: 7e3fd2adca8bb3227da30c0492c5738fdbeb7e50c8ccb8df2dac2379407ad5230092d26f4942e1654fdf680c2c961556ad111ab71d5fb788f48dcc1e24f3f324

data/.travis.yml

@@ -4,3 +4,4 @@ rvm:
   - '2.2.7'
   - '2.3.4'
   - '2.4.1'
+  - '2.5.0'

data/CHANGELOG.md

@@ -1,6 +1,20 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## 0.5.4 - 2018-12-07
+
+### Added
+- New recommended endpoints for Google OAuth.
+
+### Deprecated
+- Nothing.
+
+### Removed
+- Nothing.
+
+### Fixed
+- Nothing.
+
 ## 0.5.3 - 2018-01-25
 
 ### Added
@@ -20,7 +34,7 @@ All notable changes to this project will be documented in this file.
 ## 0.5.2 - 2017-07-30
 
 ### Added
-- Nothing
+- Nothing.
 
 ### Deprecated
 - Nothing.
@@ -29,7 +43,7 @@ All notable changes to this project will be documented in this file.
 - New `authorize_url` and `token_url` endpoints are reverted until JWT 2.0 ships.
 
 ### Fixed
-- Nothing
+- Nothing.
 
 ## 0.5.1 - 2017-07-19
 

data/README.md

@@ -95,8 +95,7 @@ Here's an example of a possible configuration where the strategy name is changed
 Rails.application.config.middleware.use OmniAuth::Builder do
   provider :google_oauth2, ENV['GOOGLE_CLIENT_ID'], ENV['GOOGLE_CLIENT_SECRET'],
     {
-      name: 'google',
-      scope: 'email, profile, plus.me, http://gdata.youtube.com',
+      scope: 'userinfo.email, userinfo.profile, plus.me, http://gdata.youtube.com',
       prompt: 'select_account',
       image_aspect_ratio: 'square',
       image_size: 50
@@ -168,6 +167,7 @@ Configuration options can be passed as the last parameter here as key/value pair
 ```ruby
 config.omniauth :google_oauth2, 'GOOGLE_CLIENT_ID', 'GOOGLE_CLIENT_SECRET', {}
 ```
+NOTE: If you are using this gem with devise with above snippet in `config/initializers/devise.rb` then do not create `config/initializers/omniauth.rb` which will conflict with devise configurations.
 
 Then add the following to 'config/routes.rb' so the callback routes are defined.
 
@@ -303,7 +303,7 @@ If you're making POST requests to `/auth/google_oauth2/callback` from another do
 Just set the `full_host` in OmniAuth based on the Rails.env.
 
 ```
-# config/initialisers/omniauth.rb
+# config/initializers/omniauth.rb
 OmniAuth.config.full_host = Rails.env.production? ? 'https://domain.com' : 'http://localhost:3000'
 ```
 

data/examples/config.ru

@@ -21,63 +21,63 @@ OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE
 class App < Sinatra::Base
   get '/' do
     <<-HTML
-<!DOCTYPE html>
-<html>
-  <head>
-    <title>Google OAuth2 Example</title>
-    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
-    <script>
-      jQuery(function() {
-        return $.ajax({
-          url: 'https://apis.google.com/js/client:plus.js?onload=gpAsyncInit',
-          dataType: 'script',
-          cache: true
-        });
-      });
+    <!DOCTYPE html>
+    <html>
+      <head>
+        <title>Google OAuth2 Example</title>
+        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
+        <script>
+          jQuery(function() {
+            return $.ajax({
+              url: 'https://apis.google.com/js/client:plus.js?onload=gpAsyncInit',
+              dataType: 'script',
+              cache: true
+            });
+          });
 
-      window.gpAsyncInit = function() {
-        gapi.auth.authorize({
-          immediate: true,
-          response_type: 'code',
-          cookie_policy: 'single_host_origin',
-          client_id: '#{ENV['GOOGLE_KEY']}',
-          scope: 'email profile'
-        }, function(response) {
-          return;
-        });
-        $('.googleplus-login').click(function(e) {
-          e.preventDefault();
-          gapi.auth.authorize({
-            immediate: false,
-            response_type: 'code',
-            cookie_policy: 'single_host_origin',
-            client_id: '#{ENV['GOOGLE_KEY']}',
-            scope: 'email profile'
-          }, function(response) {
-            if (response && !response.error) {
-              // google authentication succeed, now post data to server.
-              jQuery.ajax({type: 'POST', url: "/auth/google_oauth2/callback", data: response,
-                success: function(data) {
-                  // Log the data returning from google.
-                  console.log(data)
+          window.gpAsyncInit = function() {
+            gapi.auth.authorize({
+              immediate: true,
+              response_type: 'code',
+              cookie_policy: 'single_host_origin',
+              client_id: '#{ENV['GOOGLE_KEY']}',
+              scope: 'email profile'
+            }, function(response) {
+              return;
+            });
+            $('.googleplus-login').click(function(e) {
+              e.preventDefault();
+              gapi.auth.authorize({
+                immediate: false,
+                response_type: 'code',
+                cookie_policy: 'single_host_origin',
+                client_id: '#{ENV['GOOGLE_KEY']}',
+                scope: 'email profile'
+              }, function(response) {
+                if (response && !response.error) {
+                  // google authentication succeed, now post data to server.
+                  jQuery.ajax({type: 'POST', url: "/auth/google_oauth2/callback", data: response,
+                    success: function(data) {
+                      // Log the data returning from google.
+                      console.log(data)
+                    }
+                  });
+                } else {
+                  // google authentication failed.
+                  console.log("FAILED")
                 }
               });
-            } else {
-              // google authentication failed.
-              console.log("FAILED")
-            }
-          });
-        });
-      };
-    </script>
-  </head>
-  <body>
-  <ul>
-    <li><a href='/auth/google_oauth2'>Sign in with Google</a></li>
-    <li><a href='#' class="googleplus-login">Sign in with Google via AJAX</a></li>
-  </ul>
-  </body>
-</html>
+            });
+          };
+        </script>
+      </head>
+      <body>
+      <ul>
+        <li><a href='/auth/google_oauth2'>Sign in with Google</a></li>
+        <li><a href='#' class="googleplus-login">Sign in with Google via AJAX</a></li>
+      </ul>
+      </body>
+    </html>
     HTML
   end
 

data/lib/omniauth/google_oauth2/version.rb

@@ -2,6 +2,6 @@
 
 module OmniAuth
   module GoogleOauth2
-    VERSION = '0.5.3'
+    VERSION = '0.5.4'
   end
 end

data/lib/omniauth/strategies/google_oauth2.rb

@@ -22,9 +22,9 @@ module OmniAuth
       option :verify_iss, true
 
       option :client_options,
-             site: 'https://accounts.google.com',
-             authorize_url: '/o/oauth2/auth',
-             token_url: '/o/oauth2/token'
+             site: 'https://oauth2.googleapis.com',
+             authorize_url: 'https://accounts.google.com/o/oauth2/auth',
+             token_url: '/token'
 
       def authorize_params
         super.tap do |params|
@@ -193,6 +193,7 @@ module OmniAuth
 
       def verify_token(access_token)
         return false unless access_token
+
         raw_response = client.request(:get, 'https://www.googleapis.com/oauth2/v3/tokeninfo',
                                       params: { access_token: access_token }).parsed
         raw_response['aud'] == options.client_id || options.authorized_client_ids.include?(raw_response['aud'])
@@ -200,12 +201,14 @@ module OmniAuth
 
       def verify_hd(access_token)
         return true unless options.hd
+
         @raw_info ||= access_token.get('https://www.googleapis.com/plus/v1/people/me/openIdConnect').parsed
 
         options.hd = options.hd.call if options.hd.is_a? Proc
         allowed_hosted_domains = Array(options.hd)
 
         raise CallbackError.new(:invalid_hd, 'Invalid Hosted Domain') unless allowed_hosted_domains.include?(@raw_info['hd']) || options.hd == '*'
+
         true
       end
     end

data/spec/omniauth/strategies/google_oauth2_spec.rb

@@ -30,15 +30,15 @@ describe OmniAuth::Strategies::GoogleOauth2 do
 
   describe '#client_options' do
     it 'has correct site' do
-      expect(subject.client.site).to eq('https://accounts.google.com')
+      expect(subject.client.site).to eq('https://oauth2.googleapis.com')
     end
 
     it 'has correct authorize_url' do
-      expect(subject.client.options[:authorize_url]).to eq('/o/oauth2/auth')
+      expect(subject.client.options[:authorize_url]).to eq('https://accounts.google.com/o/oauth2/auth')
     end
 
     it 'has correct token_url' do
-      expect(subject.client.options[:token_url]).to eq('/o/oauth2/token')
+      expect(subject.client.options[:token_url]).to eq('/token')
     end
 
     describe 'overrides' do

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
 version: !ruby/object:Gem::Version
-  version: 0.5.3
+  version: 0.5.4
 platform: ruby
 authors:
 - Josh Ellithorpe
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-01-26 00:00:00.000000000 Z
+date: 2018-12-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: jwt
@@ -141,7 +141,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 2.6.13
 signing_key: 
 specification_version: 4
 summary: A Google OAuth2 strategy for OmniAuth 1.x