omniauth-google-oauth2 0.1.17 → 0.1.18

data/.ruby-version

@@ -0,0 +1 @@
+ruby-1.9.3

data/README.md

@@ -32,20 +32,26 @@ You can now access the OmniAuth Google OAuth2 URL: `/auth/google_oauth2`
 
 You can configure several options, which you pass in to the `provider` method via a hash:
 
-* `scope`: A comma-separated list, without spaces, of permissions you want to request from the user. See the [Google OAuth 2.0 Playground](https://developers.google.com/oauthplayground/) for a full list of available permissions. Caveats:
+* `scope`: A comma-separated list of permissions you want to request from the user. See the [Google OAuth 2.0 Playground](https://developers.google.com/oauthplayground/) for a full list of available permissions. Caveats:
   * The `userinfo.email` and `userinfo.profile` scopes are used by default. By defining your own `scope`, you override these defaults. If you need these scopes, don't forget to add them yourself!
   * Scopes starting with `https://www.googleapis.com/auth/` do not need that prefix specified. So while you should use the smaller scope `books` since that permission starts with the mentioned prefix, you should use the full scope URL `https://docs.google.com/feeds/` to access a user's docs, for example.
-* `approval_prompt`: Determines whether the user is always re-prompted for consent. It's set to `force` by default so a user sees a consent page even if he has previously allowed access a given set of scopes. Set this value to `auto` so that the user only sees the consent page the first time he authorizes a given set of scopes.
+* `prompt`: A space-delimited list of string values that determines whether the user is re-prompted for authentication and/or consent. Possible values are:
+  * `none`: No authentication or consent pages will be displayed; it will return an error if the user is not already authenticated and has not pre-configured consent for the requested scopes. This can be used as a method to check for existing authentication and/or consent.
+  * `consent`: The user will always be prompted for consent, even if he has previously allowed access a given set of scopes.
+  * `select_account`: The user will always be prompted to select a user account. This allows a user who has multiple current account sessions to select one amongst them.
+
+  If no value is specified, the user only sees the authentication page if he is not logged in and only sees the consent page the first time he authorizes a given set of scopes.
+
 * `access_type`: Defaults to `offline`, so a refresh token is sent to be used when the user is not present at the browser. Can be set to `online`.
 
-Here's an example of a possible configuration where the user is asked for extra permissions and is only prompted once for such permissions:
+Here's an example of a possible configuration where the user is asked for extra permissions and is always prompted to select his account when logging in:
 
 ```ruby
 Rails.application.config.middleware.use OmniAuth::Builder do
   provider :google_oauth2, ENV["GOOGLE_KEY"], ENV["GOOGLE_SECRET"],
            {
-             :scope => "userinfo.email,userinfo.profile,plus.me,http://gdata.youtube.com",
-             :approval_prompt => "auto"
+             :scope => "userinfo.email, userinfo.profile, plus.me, http://gdata.youtube.com",
+             :prompt => "consent select_account"
            }
 end
 ```

data/lib/omniauth/google_oauth2/version.rb

@@ -1,5 +1,5 @@
 module OmniAuth
   module GoogleOauth2
-    VERSION = "0.1.17"
+    VERSION = "0.1.18"
   end
 end

data/lib/omniauth/strategies/google_oauth2.rb

@@ -4,11 +4,11 @@ module OmniAuth
   module Strategies
     class GoogleOauth2 < OmniAuth::Strategies::OAuth2
 
-      # Possible scopes: userinfo.email,userinfo.profile,plus.me
       DEFAULT_SCOPE = "userinfo.email,userinfo.profile"
 
       option :name, 'google_oauth2'
-      option :authorize_options, [:scope, :approval_prompt, :access_type, :state, :hd]
+
+      option :authorize_options, [:access_type, :hd, :prompt, :request_visible_actions, :scope, :state]
 
       option :client_options, {
         :site          => 'https://accounts.google.com',
@@ -23,19 +23,19 @@ module OmniAuth
           options[:authorize_options].each do |k|
             params[k] = request.params[k.to_s] unless [nil, ''].include?(request.params[k.to_s])
           end
-          scopes = (params[:scope] || DEFAULT_SCOPE).split(",")
+          scopes = (params[:scope] || DEFAULT_SCOPE).delete(' ').split(',')
           scopes.map! { |s| s =~ /^https?:\/\// ? s : "#{base_scope_url}#{s}" }
           params[:scope] = scopes.join(' ')
           # This makes sure we get a refresh_token.
           # http://googlecode.blogspot.com/2011/10/upcoming-changes-to-oauth-20-endpoint.html
           params[:access_type] = 'offline' if params[:access_type].nil?
-          params[:approval_prompt] = 'force' if params[:approval_prompt].nil?
+          params[:login_hint] = request.params['login_hint'] if request.params['login_hint']
           # Override the state per request
           session['omniauth.state'] = params[:state] if request.params['state']
         end
       end
 
-      uid{ raw_info['id'] || verified_email }
+      uid { raw_info['id'] || verified_email }
 
       info do
         prune!({

data/spec/omniauth/strategies/google_oauth2_spec.rb

@@ -46,7 +46,7 @@ describe OmniAuth::Strategies::GoogleOauth2 do
   end
 
   describe '#authorize_params' do
-    %w(approval_prompt access_type state hd any_other).each do |k|
+    %w(access_type hd prompt state any_other).each do |k|
       it "should set the #{k} authorize option dynamically in the request" do
         @options = {:authorize_options => [k.to_sym], k.to_sym => ''}
         subject.stub(:request) { double('Request', {:params => { k => 'something' }, :env => {}}) }
@@ -70,6 +70,11 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
       end
 
+      it 'should deal with whitespace when joining scopes' do
+        @options = { :authorize_options => [:scope], :scope => 'userinfo.profile, userinfo.email'}
+        subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email')
+      end
+
       it 'should set default scope to userinfo.email,userinfo.profile' do
         @options = { :authorize_options => [:scope]}
         subject.authorize_params['scope'].should eq('https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile')
@@ -82,15 +87,10 @@ describe OmniAuth::Strategies::GoogleOauth2 do
       end
     end
 
-    describe 'approval_prompt' do
-      it 'should set the approval_prompt parameter if present' do
-        @options = {:approval_prompt => 'prompt'}
-        subject.authorize_params['approval_prompt'].should eq('prompt')
-      end
-
-      it 'should default to "force"' do
-        @options = {}
-        subject.authorize_params['approval_prompt'].should eq('force')
+    describe 'prompt' do
+      it 'should set the prompt parameter if present' do
+        @options = {:prompt => 'consent select_account'}
+        subject.authorize_params['prompt'].should eq('consent select_account')
       end
     end
 
@@ -126,6 +126,13 @@ describe OmniAuth::Strategies::GoogleOauth2 do
         subject.authorize_params['hd'].should eq('example.com')
       end
     end
+
+    describe 'login_hint' do
+      it 'should set the login_hint parameter if present' do
+        subject.stub(:request) { double('Request', {:params => { 'login_hint' => 'example@example.com' }, :env => {}}) }
+        subject.authorize_params['login_hint'].should eq('example@example.com')
+      end
+    end
   end
 
   describe 'raw info' do

metadata

@@ -1,95 +1,90 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: omniauth-google-oauth2
-version: !ruby/object:Gem::Version 
-  hash: 57
+version: !ruby/object:Gem::Version
+  version: 0.1.18
   prerelease: 
-  segments: 
-  - 0
-  - 1
-  - 17
-  version: 0.1.17
 platform: ruby
-authors: 
+authors:
 - Josh Ellithorpe
 - Yury Korolev
 autorequire: 
 bindir: bin
 cert_chain: []
-
-date: 2013-04-24 00:00:00 -07:00
-default_executable: 
-dependencies: 
-- !ruby/object:Gem::Dependency 
+date: 2013-06-17 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
   name: omniauth
-  prerelease: false
-  requirement: &id001 !ruby/object:Gem::Requirement 
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 15
-        segments: 
-        - 1
-        - 0
-        version: "1.0"
+      - !ruby/object:Gem::Version
+        version: '1.0'
   type: :runtime
-  version_requirements: *id001
-- !ruby/object:Gem::Dependency 
-  name: omniauth-oauth2
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: omniauth-oauth2
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :runtime
-  version_requirements: *id002
-- !ruby/object:Gem::Dependency 
-  name: rspec
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
+    requirements:
     - - ~>
-      - !ruby/object:Gem::Version 
-        hash: 23
-        segments: 
-        - 2
-        - 6
-        - 0
+      - !ruby/object:Gem::Version
         version: 2.6.0
   type: :development
-  version_requirements: *id003
-- !ruby/object:Gem::Dependency 
-  name: rake
   prerelease: false
-  requirement: &id004 !ruby/object:Gem::Requirement 
+  version_requirements: !ruby/object:Gem::Requirement
     none: false
-    requirements: 
-    - - ">="
-      - !ruby/object:Gem::Version 
-        hash: 3
-        segments: 
-        - 0
-        version: "0"
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 2.6.0
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
   type: :development
-  version_requirements: *id004
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 description: A Google oauth2 strategy for OmniAuth 1.0
-email: 
+email:
 - quest@mac.com
 executables: []
-
 extensions: []
-
 extra_rdoc_files: []
-
-files: 
+files:
 - .gitignore
-- .rvmrc
+- .ruby-version
 - Gemfile
 - README.md
 - Rakefile
@@ -103,41 +98,37 @@ files:
 - spec/omniauth/strategies/google_oauth2_spec.rb
 - spec/spec_helper.rb
 - spec/support/shared_examples.rb
-has_rdoc: true
-homepage: ""
+homepage: ''
 licenses: []
-
 post_install_message: 
 rdoc_options: []
-
-require_paths: 
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
+required_ruby_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
+      hash: 465443751449155842
+required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
-  requirements: 
-  - - ">="
-    - !ruby/object:Gem::Version 
-      hash: 3
-      segments: 
+  requirements:
+  - - ! '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+      segments:
       - 0
-      version: "0"
+      hash: 465443751449155842
 requirements: []
-
 rubyforge_project: 
-rubygems_version: 1.6.2
+rubygems_version: 1.8.25
 signing_key: 
 specification_version: 3
 summary: A Google oauth2 strategy for OmniAuth 1.0
-test_files: 
+test_files:
 - spec/omniauth/strategies/google_oauth2_spec.rb
 - spec/spec_helper.rb
 - spec/support/shared_examples.rb

data/.rvmrc

@@ -1 +0,0 @@
-rvm use 1.9.3@omniauth-google-oauth2 --create